On 08/06/2018 03:16 AM, Pete Biggs wrote: > If the cache is invalid SSS will, obviously, go back to the source and > return the information there, however, bizarrely, if the original > source doesn't have the information (like when a user is deleted) the > cached information is still returned. That cached information is > retained for ever it seems so my supposedly deleted user accounts still > appear to be active on the machines. Best practice is to lock accounts, and not to delete them.