Re: [Freeipa-users] proper way to clear sssd cache without sss_cache?
On Tue, Feb 26, 2013 at 02:36:42PM -0500, Dmitri Pal wrote: > On 02/26/2013 02:29 PM, KodaK wrote: > > I know that at some point the sssd package (or maybe the tools > > package) started including sss_cache for managing the sssd cache. I > > have some RHEL5 boxes that don't have this utility. > > > > I've been stopping the sssd service, deleting the contents of > > /var/lib/sss/db/ and then restarting and things seem to be working OK, > > but I wanted to find out if there was a proper procedure? > > > > Thanks! > > > Yes it was the proper procedure until we added a tool. The only thing to keep in mind is that by wiping out the whole cache removes all cached passwords. Depending on whether you use cache_credentials=True or whether your clients need to cache credentials at all you do or don't care :-) If you care, you might want to use the ldbmodify utility to instead set the dataExpire timestamp to a timestamp from the past (this is what sss_cache does internally btw) ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] proper way to clear sssd cache without sss_cache?
Hi, Its what I have to do on most client side issues and what RH support advise. I was told that the sssd daemon would be upgraded in 6.4, its certainly seems to be my main pain point right now. regards Steven Jones Technical Specialist - Linux RHCE Victoria University, Wellington, NZ 0064 4 463 6272 From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on behalf of KodaK [sako...@gmail.com] Sent: Wednesday, 27 February 2013 8:29 a.m. To: freeipa-users@redhat.com Subject: [Freeipa-users] proper way to clear sssd cache without sss_cache? I know that at some point the sssd package (or maybe the tools package) started including sss_cache for managing the sssd cache. I have some RHEL5 boxes that don't have this utility. I've been stopping the sssd service, deleting the contents of /var/lib/sss/db/ and then restarting and things seem to be working OK, but I wanted to find out if there was a proper procedure? Thanks! -- The government is going to read our mail anyway, might as well make it tough for them. GPG Public key ID: B6A1A7C6 ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] proper way to clear sssd cache without sss_cache?
On 02/26/2013 02:29 PM, KodaK wrote: > I know that at some point the sssd package (or maybe the tools > package) started including sss_cache for managing the sssd cache. I > have some RHEL5 boxes that don't have this utility. > > I've been stopping the sssd service, deleting the contents of > /var/lib/sss/db/ and then restarting and things seem to be working OK, > but I wanted to find out if there was a proper procedure? > > Thanks! > Yes it was the proper procedure until we added a tool. -- Thank you, Dmitri Pal Sr. Engineering Manager for IdM portfolio Red Hat Inc. --- Looking to carve out IT costs? www.redhat.com/carveoutcosts/ ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
[Freeipa-users] proper way to clear sssd cache without sss_cache?
I know that at some point the sssd package (or maybe the tools package) started including sss_cache for managing the sssd cache. I have some RHEL5 boxes that don't have this utility. I've been stopping the sssd service, deleting the contents of /var/lib/sss/db/ and then restarting and things seem to be working OK, but I wanted to find out if there was a proper procedure? Thanks! -- The government is going to read our mail anyway, might as well make it tough for them. GPG Public key ID: B6A1A7C6 ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
