Hi Ellie, On Monday, February 28, 2022, at 12:53 AM, ellie timoney wrote: > "pts_module: ldap" in imapd.conf, I assume? Yes. >> If I change users group membership inside AD, ptloader doesn't pick the change up. > What do you have set for ptscache_timeout? If you don't have it set, the > default is 3 hours. Did you wait that long? Yes, but not for all tests in the past. > The documentation for ptscache_timeout implies that it's only for the > "afskrb" module, but I believe that might just be out of date (since the > specific thing it references no longer exists). Skimming source, it looks > like ptscache_timeout should apply regardless of which pts_module is in use. >> I can force picking up changes by expiring the cache (ptexpire -E0).
Must I configure cache expiration inside cyrus.conf or should that work without explicit configuration? > I don't think you should need to. But, if setting ptscache_timeout to a > value you're happy with doesn't sort it out, then maybe scheduling ptexpire > in cyrus.conf is the correct thing to do. >> Documentation is a bit poor here. > Indeed! If ptscache_timeout fixes it, let me know and I can rewrite that > ptscache_timeout documentation to be current. Cheers, ellie I've changed ptscache_timeout to 600. But I'm not sure what it fixes. Removing a user from a group removes the group from the user in the cache after five minutes. Adding a user to a group changes nothing in the cache. Logging a user off from cyrus changes nothing in the cache, the user persist for hours. ptexpire works perfect. Adam ------------------------------------------ Cyrus: Info Permalink: https://cyrus.topicbox.com/groups/info/Td2ae79537b6bf02b-M753a30b1e6ef03aea9544429 Delivery options: https://cyrus.topicbox.com/groups/info/subscription
