Re: [Freeipa-users] proper way to clear sssd cache without sss_cache?

2013-02-26 Thread Dmitri Pal
On 02/26/2013 02:29 PM, KodaK wrote:
 I know that at some point the sssd package (or maybe the tools
 package) started including sss_cache for managing the sssd cache.  I
 have some RHEL5 boxes that don't have this utility.

 I've been stopping the sssd service, deleting the contents of
 /var/lib/sss/db/ and then restarting and things seem to be working OK,
 but I wanted to find out if there was a proper procedure?

 Thanks!

Yes it was the proper procedure until we added a tool.

-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager for IdM portfolio
Red Hat Inc.


---
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/



___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users


Re: [Freeipa-users] proper way to clear sssd cache without sss_cache?

2013-02-26 Thread Steven Jones
Hi,

Its what I have to do on most client side issues and what RH support advise. I 
was told that the sssd daemon would be upgraded in 6.4, its certainly seems to 
be my main pain point right now.

regards

Steven Jones

Technical Specialist - Linux RHCE

Victoria University, Wellington, NZ

0064 4 463 6272


From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on 
behalf of KodaK [sako...@gmail.com]
Sent: Wednesday, 27 February 2013 8:29 a.m.
To: freeipa-users@redhat.com
Subject: [Freeipa-users] proper way to clear sssd cache without sss_cache?

I know that at some point the sssd package (or maybe the tools
package) started including sss_cache for managing the sssd cache.  I
have some RHEL5 boxes that don't have this utility.

I've been stopping the sssd service, deleting the contents of
/var/lib/sss/db/ and then restarting and things seem to be working OK,
but I wanted to find out if there was a proper procedure?

Thanks!

--
The government is going to read our mail anyway, might as well make it
tough for them.  GPG Public key ID:  B6A1A7C6

___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users



___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users


Re: [Freeipa-users] proper way to clear sssd cache without sss_cache?

2013-02-26 Thread Jakub Hrozek
On Tue, Feb 26, 2013 at 02:36:42PM -0500, Dmitri Pal wrote:
 On 02/26/2013 02:29 PM, KodaK wrote:
  I know that at some point the sssd package (or maybe the tools
  package) started including sss_cache for managing the sssd cache.  I
  have some RHEL5 boxes that don't have this utility.
 
  I've been stopping the sssd service, deleting the contents of
  /var/lib/sss/db/ and then restarting and things seem to be working OK,
  but I wanted to find out if there was a proper procedure?
 
  Thanks!
 
 Yes it was the proper procedure until we added a tool.

The only thing to keep in mind is that by wiping out the whole cache
removes all cached passwords. Depending on whether you use
cache_credentials=True or whether your clients need to cache credentials
at all you do or don't care :-)

If you care, you might want to use the ldbmodify utility to instead
set the dataExpire timestamp to a timestamp from the past (this is what
sss_cache does internally btw)

___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users