On Fri, Oct 21, 2016 at 02:28:34PM -0400, Douglas Duckworth wrote:
So caching. Would such a long LDAP caching policy, shown in my
sssd.conf,
have any downsides? I thought the longer the better though what if users
change their password? Does sssd poll LDAP server for changes in order to
make sure the cache doesn't fall behind state present in LDAP?
The caching mechanims is documented here:
https://fedorahosted.org/sssd/wiki/InternalsDocs#a3.2.2.DataFlow