|
|
Re: nested group control: msg#00026ldap.padl.nss
Andreas Hasenack [ahasenack@xxxxxxxxxxxx] wrote: > > Another data point: > "su - user500" (where user500 is a user belonging to 500 supplementary > groups) takes a few minutes and generates over 10.000 operations on the > ldap server. > > There really should be a way do disable nested group support. There are > tools that don't work even with it (like "id" and "groups") and ignore > the extra groups. As far as I know compiling without "enable-rfc2307bis" switches dynamic group behavior off. There's also "with-ngroups [targeted average group members number]" which is supposed to optimize searching. Just some ideas. I didn't test it myself. Cheers, -- Michal Kurowski perl -e '$_=q#: 13_2: 12/o{>: 8_4) (_4: 6/2^-2; 3;-2^\2: 5/7\_/\7: 12m m::#; y#:#\n#;s#(\D)(\d+)#$1x$2#ge;print' |
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| Previous by Date: | Re: nested group control: 00026, Andreas Hasenack |
|---|---|
| Next by Date: | Re: Re: nested group control: 00026, Andreas Hasenack |
| Previous by Thread: | Re: nested group controli: 00026, Andreas Hasenack |
| Next by Thread: | Re: Re: nested group control: 00026, Andreas Hasenack |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
| News | FAQ | advertise |