On Tue, Feb 26, 2013 at 02:36:42PM -0500, Dmitri Pal wrote:
> On 02/26/2013 02:29 PM, KodaK wrote:
> > I know that at some point the sssd package (or maybe the tools
> > package) started including sss_cache for managing the sssd cache.  I
> > have some RHEL5 boxes that don't have this utility.
> >
> > I've been stopping the sssd service, deleting the contents of
> > /var/lib/sss/db/ and then restarting and things seem to be working OK,
> > but I wanted to find out if there was a proper procedure?
> >
> > Thanks!
> >
> Yes it was the proper procedure until we added a tool.

The only thing to keep in mind is that by wiping out the whole cache
removes all cached passwords. Depending on whether you use
cache_credentials=True or whether your clients need to cache credentials
at all you do or don't care :-)

If you care, you might want to use the ldbmodify utility to instead
set the dataExpire timestamp to a timestamp from the past (this is what
sss_cache does internally btw)

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to