On Fri, 7 Oct 2011, Stephen Harris wrote:
You're missing the point. If the query was sufficiently fast then you don't _need_ to worry about caching, and thus cache coherency, speed of propagation of changes, inconsistent results between machines etc etc.
Caching is a _kludge_ to hide an underlying problem. It adds complexity and additional failure modes.
In one sense yes, but I don't necessarily see any sense in an 'ls -l' in a lively directory causing *that* many hits to the information provider every time when user information changes rarely.
LDAP is slow. nscd, sssd, ldapcachemgr et al are all klduges to work around that fact.
It all depends on your definition of slow.
$ time ldapsearch 'cn=someuser' >& /dev/null
real 0m0.016s
That's not so bad for a LDAP server with ~100k users is it?
jh