On Wed, Nov 08, 2017 at 03:52:57PM +0000, Andrew Meyer via FreeIPA-users wrote:
> Let's say I have a user that starts today and I forgot to add their
> username to FreeIPA.  I add their username and they need to start working
> fairly quickly.  I know that I can clear the sudo cache on each server
> with sss_cache -E but is there a way to do this w/ ldap/kerberos queries
> to have it reread the ldap database?
          ~~

I'm not sure what exactly do you mean by "it", but see man sssd-sudo for
some explanation of the caching mechanism.

Re-fetching the rules on-demand is not implemented yet.
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to