Yes, definitely hitting timeout - our firewall is configured to drop the traffic rather than rejecting it. Will try to configure for reject - that could do the job. Ondrej
-----Original Message----- From: sssd-users-bounces@lists.fedorahosted.org [mailto:sssd-users-bounces@lists.fedorahosted.org] On Behalf Of Jakub Hrozek Sent: 03 July 2015 10:55 To: sssd-users@lists.fedorahosted.org Subject: Re: [SSSD-users] AD site recognition with sssd version 1.11.5
On Fri, Jul 03, 2015 at 08:15:47AM +0000, Ondrej Valousek wrote:
Hi Frank,
Yes, that would work, indeed. The thing is, that it would cripple down roaming users that travels between sites. But thanks for the hint, anyway.
I don't really have time to do many tests right now, but I would suggest the DNS timeout: dns_resolver_timeout and the LDAP timeouts: ldap_search_timeout ldap_network_timeout ldap_opt_timeout
btw the defaults are alrady 6 seconds which is quite high, are you sure you're hitting timeouts? _______________________________________________ sssd-users mailing list sssd-users@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-users
-----
The information contained in this e-mail and in any attachments is confidential and is designated solely for the attention of the intended recipient(s). If you are not an intended recipient, you must not use, disclose, copy, distribute or retain this e-mail or any part thereof. If you have received this e-mail in error, please notify the sender by return e-mail and delete all copies of this e-mail from your computer system(s). Please direct any additional queries to: communications@s3group.com. Thank You. Silicon and Software Systems Limited (S3 Group). Registered in Ireland no. 378073. Registered Office: South County Business Park, Leopardstown, Dublin 18.