On 09/23/2011 05:55 PM, Francisco Javier Marín Murillo wrote:
Thank you Stephen. But I set entry_cache_timeout to 90 seconds.
The
issue is that even setting it to 90 seconds or 5 seconds it never
times out(even after 90 seconds or 5 seconds is expired). It never
ever expires. I have checked the client the next day and the entry is
still in the database That is the issue. What can be causing this ?
is it something wrong with the sssd service that does not read
correctly the sssd.conf configurations ?
Might be a bug...
Stephen it is worth inspecting the code where we check the expiration
timeout may be we do something wrong there.
> Subject: Re: [SSSD] SSSD netgroup issue
> From: sgallagh(a)redhat.com
> To: sssd-devel(a)lists.fedorahosted.org
> CC: chisco.13(a)hotmail.com <mailto:chisco.13@hotmail.com>
> Date: Fri, 23 Sep 2011 15:09:40 -0400
>
> On Fri, 2011-09-23 at 13:00 -0600, Francisco Javier Marín Murillo wrote:
> > Just to let you know the only way how I have been able to expire
> > netgroup cache is when I delete db cache and restart sssd. But that
> > does not work for us because we want sssd to expire cache
> > automatically with no manual intervention.
> >
>
> As I wrote in my other email, there will always be a lag, based on the
> entry_cache_timeout value. This is to reduce the load on your LDAP
> server, under the reasonable expectation that entries in LDAP are
> "write-rarely, read often". In the majority of cases, you don't want
to
> waste time and CPU on constantly going out the LDAP server.
>
> For the reverse, there's no way for the LDAP server to "push" updates
to
> the clients. LDAP doesn't work that way. All data requests have to
> originate with the clients. So there's no way to achieve an
> instantaneous update when something changes.
>
_______________________________________________
sssd-devel mailing list
sssd-devel(a)lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/sssd-devel
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IPA project,
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/