On Thu, 21 Jan 2010 19:50:04 -0500 Simo Sorce <sso...@redhat.com> wrote:
> The Last login date can be used to decide when to delete a user > account from the cache. This is not the same as the expiration date, > the expiration date is used to decide when it is time to refresh the > data even if we have it. So if the user data is expired, and the last > login date is X days in the past, we can decide to remove the user > from the cache without having to check the central authority (the > LDAP server). I forgot one bit here. We might decide to check also if the user is currently logged in. I can imagine a case where a user suspends the laptop for a few days and un-suspends later while offline. I think it would be bad form to wipe out the user data while the user is still working on the computer :) If I recall correctly we already have code to check if a user is currently logged in, so this shouldn't be difficult to account for. Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel
