On Wed, Nov 08, 2017 at 03:52:57PM +0000, Andrew Meyer via FreeIPA-users wrote:
> Let's say I have a user that starts today and I forgot to add their
> username to FreeIPA. I add their username and they need to start working
> fairly quickly. I know that I can clear the sudo cache on each server
> with sss_cache -E but is there a way to do this w/ ldap/kerberos queries
> to have it reread the ldap database?
I'm not sure what exactly do you mean by "it", but see man sssd-sudo for
some explanation of the caching mechanism.
Re-fetching the rules on-demand is not implemented yet.
FreeIPA-users mailing list -- firstname.lastname@example.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org