Learn more about these different git repos.
Other Git URLs
Currently for every new login the full group-membership of the user is read from the server to make sure it is up-to-date. In environments with many domains and servers (AD forest, IPA with trust to AD) this might cause quite a number of lookups on different servers and as a results leads to a long login process.
The only option to control this behavior a bit is pam_id_timeout. But this timeout is a per-user timeout even is all data is in cache the login of a different user will trigger a group lookup on the server again.
Since we already track the lifetime of the group-membership data with SYSDB_INITGR_EXPIRE it might help to improve performance in environments where the group-memberships do not change that often to allow the PAM responder to skip the group lookup if the cached data is still valid. For better tuning it would make sense to add a new option to make the lifetime of the group-membership data independent of the lifetime of the user entry itself.
milestone: NEEDS_TRIAGE => SSSD 1.13.3
rhbz: => todo
owner: somebody => preichl
This ticket still needs work and we need to release 1.13.3 soon.
milestone: SSSD 1.13.3 => SSSD 1.13.4
This is a performance enhancement which is the scope of 1.14. But because this ticket has lower priority than the cache split, I'm only moving it to the Beta milestone.
milestone: SSSD 1.13.4 => SSSD 1.14 beta
owner: preichl => pcech
Too late for 1.14 beta, but might be a good idea for a subsequent 1.14 release.
milestone: SSSD 1.14 beta => SSSD 1.14 backlog
Since the 1.14 branch is transitioning into maintenance mode and new functionality is being developed in master which will become 1.15 eventually, I'm mass-moving tickets from the 1.14 backlog milestone to the "Future releases" milestone.
milestone: SSSD 1.14 backlog => SSSD Future releases (no date set yet)
Metadata Update from @sbose:
- Issue assigned to pcech
- Issue set to the milestone: SSSD Future releases (no date set yet)
SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here:
If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.
Thank you for understanding. We apologize for all inconvenience.
Metadata Update from @pbrezina:
- Issue close_status updated to: cloned-to-github
- Issue status updated to: Closed (was: Open)
to comment on this ticket.