Hello,
I have been struggling with this problem for a while. When a user changed their
password, our 389 directory servers received new password and saved into
directory server. However, when user tries to login to a server whose
authentication is using 389 directory server, their new password won't work for
the first few minutes. There is a local cache process, sssd, running on the
server the user tries to login. Apparently sssd is still using old password
information, and does not know password has changed on directory servers. I
have set sssd to keep cache information for 5 minutes only, and do pre-fetch
prior to cache information expiring. But I don't know how to tell sssd to
ignore cache completely when information has changed on 389 directory server
side.
Is there a way to completely disable sssd local cache, and only use it when 389
directory servers are not available?
Thank you,
- Xinhuan
_______________________________________________
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
