Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1430415
Description of problem:
Customer said: "Our intention is to have the entire ldap catalog in the local
cache and for that purpose we have set "enumerate = true" but every 3 hours
when ldap_purge_cache_timeout is done all accounts, groups and sudo rules are
removed from the local cache. After 3 hours again all entries are back in the
local cache". The customer is fully aware of the performance impact when using
The customer claims that the issue is perceived on servers running 7.3 and sssd
1.14.0 release 43.el7_3.11, but seemed to work fine in rhel 6 and sssd 1.13.3
According to "man sssd-ldap", if enumeration is enabled, the cleanup task, i.e.
ldap_purge_cache_timeout is required in order to detect entries removed from
the server and can't be disabled!
Version-Release number of selected component (if applicable):
sssd 1.14.0 release 43.el7_3.11
Steps to Reproduce:
Please, also check that refresh_expired_interval doesn't have the same issue.
Metadata Update from @pbrezina:
- Issue set to the milestone: None