Hi

We are using sssd available on RHEL 7 and have a query on purging sssd cache incase domain goes offline.
We are using just the UID/GID and group membership for users. And netgroups(both LDAP and NIS proxy) in some cases

As I understand, sss_cache utility only invalidates the records, which marks them expired. Whenever the domain is online, these will be refreshed. But if the domain is offline, those expired records will still be returned as valid.

- Please reconfirm if this understanding is correct
- And if this is correct, then is there a way to purge the records to return users/group queries invalid if domain is offline

Thanx & Regards,
Varun Mittal