For folks looking for a solution: After adding/deleting AD users from your external lists, you can issue one or more of the following commands:
sss_cache -U sss_cache -G sss_cache -E On just the ***freeipa server****. The client systems will query the master when users are authenticating the login via sssd. There is a nuclear option that was suggest: sssctl cache-remove -p -s But I haven’t had to use that to have my clients recognize additions or deletions of AD external users. Hope this helps someone. -- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
