Hi,

On 7 Mar 2015 18:56, "Varun Mittal3" <varun.mittal@in.ibm.com> wrote:
>
> Hi
>
> We are using sssd available on RHEL 7 and have a query on purging sssd cache incase domain goes offline.
> We are using just the UID/GID and group membership for users. And netgroups(both LDAP and NIS proxy) in some cases
>
> As I understand, sss_cache utility only invalidates the records, which marks them expired. Whenever the domain is online, these will be refreshed. But if the domain is offline, those expired records will still be returned as valid.
>
> - Please reconfirm if this understanding is correct
> - And if this is correct, then is there a way to purge the records to return users/group queries invalid if domain is offline
>

I haven't tried on CentOS 7 but it should be done by doing below given steps as far as sssd is concerned. This is a manual procedure, if you want automatic procedure then look into cache_timeout option in sssd.

1. service sssd stop
2. cd /var/lib/sss/db
3. rm -rf *
4. service sssd start

--Regards
Ashishkumar S. Yadav