On Wed, Oct 9, 2013 at 2:29 AM, Paul Heinlein <heinlein at madboa.com> wrote: > On Wed, 9 Oct 2013, Arun Khan wrote: > >> In order for jdoe to show up as member of 'project1' group, I have to >> restart sssd. >> >> In sssd.conf, in the domain section enumerate=FALSE. >> >> I would appreciate any pointers to shorten the client side updates >> regarding uid+gid association. > > > Th default entry_cache_timeout is 5400 seconds, an hour and a half, probably > well beyond the "> 5 mins" you waited. > > I set "entry_cache_timeout = 600" in the domain section section of the > standard sssd.conf for CentOS machines. You can set > entry_cache_group_timeout specifically if you need more frequent checks for > group entries. > Thanks very much for the pointer. I will try it out. -- Arun Khan Sent from my non-iphone/non-android device