[Freeipa-users] Sudo issues with FreeIPA
Lukas Slebodnik
lslebodn at redhat.com
Sat Dec 21 20:28:13 UTC 2013
On (20/12/13 18:42), Dimitar Georgievski wrote:
>Hi Dmitri,
>
>One follow up question about the management of the SSSD local cache. I've
>tried to clean cache entries with the sss_cache utility, but it looks like
>this utility is not working. I was able to confirm with ldbsearch that
>records for specific entries were not removed from the cache.
>
>This seems to be a bug. I can use ldpdel with a restart of the SSSD daemon,
>but just wanted to confirm with you. I suspect you would know more about
>this problem. Unfortunately I wasn't able to find any info yet about this
>potential bug.
>
>thanks
>
>Dimitar
>
sss_cache does not remove users from cache (sss_cache -U)
This utility sets expiration of account to the past (unix time with value 1),
because user needs to be able authenticate offline.
Entry will be removed from cache if user try to
authenticate online and entry is removed from LDAP.
LS
More information about the Freeipa-users
mailing list