[Freeipa-users] Slow ipa performance -- why so many ldap lookups ?
Jan-Frode Myklebust
janfrode at tanso.net
Fri Apr 5 12:42:33 UTC 2013
On Fri, Apr 05, 2013 at 08:19:21AM -0400, Dmitri Pal wrote:
>
> SELinux seems to be OK but the log definitely showing that not all users
> are successfully stored in a group.
Hmm.. I've noticed that in cn=$groupname,cn=groups,cn=accounts we have
both "member" and "memberUid", but "member" often contains more entries
than "memberUid". I've assumed that the "memberUid" was a legacy thing,
and just not maintained anymore.. Is this what you're referring to ?
Or is it the storing of groups in the sssd-database that isn't
successful ? Is this the intereseting entries? :
(Fri Apr 5 13:46:09 2013) [sssd[be[example]]] [sdap_save_group] (0x0400): Storing info for group sos
(Fri Apr 5 13:46:09 2013) [sssd[be[example]]] [sysdb_search_group_by_name] (0x0400): No such entry
(Fri Apr 5 13:46:09 2013) [sssd[be[example]]] [sysdb_search_group_by_gid] (0x0400): No such entry
-jf
More information about the Freeipa-users
mailing list