|
|
Re: Re: nested group control: msg#00027ldap.padl.nss
On Fri, Mar 24, 2006 at 04:38:18PM +0100, Michal Kurowski wrote: > Andreas Hasenack [ahasenack@xxxxxxxxxxxx] wrote: > > > > Another data point: > > "su - user500" (where user500 is a user belonging to 500 supplementary > > groups) takes a few minutes and generates over 10.000 operations on the > > ldap server. > > > > There really should be a way do disable nested group support. There are > > tools that don't work even with it (like "id" and "groups") and ignore > > the extra groups. > > As far as I know compiling without "enable-rfc2307bis" switches > dynamic group behavior off. Yes, but rfc2307bis has other benefits. > There's also "with-ngroups [targeted average group members number]" > which is supposed to optimize searching. That's for something else (related to a buffer size: if the initial size is too small, another function call is made with a reallocated buffer). > Just some ideas. I didn't test it myself. Heh, at least someone is reading these posts ;) BTW, I tried versions 239 and 249. |
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| Previous by Date: | Re: nested group control: 00027, Michal Kurowski |
|---|---|
| Next by Date: | Re: Re: nested group control: 00027, Luke Howard |
| Previous by Thread: | Re: nested group controli: 00027, Michal Kurowski |
| Next by Thread: | Re: Re: nested group control: 00027, Luke Howard |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
| News | FAQ | advertise |