Looks like this is applied immediately, but required a service sssd restart; sss_cache -E

Do these attributes have a TTL set?

I know these are all SSSD Specific questions, and not directly related to FreeIPA.

Thanks,

Jake

From: "freeipa-users" <freeipa-users@lists.fedorahosted.org>
To: "freeipa-users" <freeipa-users@lists.fedorahosted.org>
Cc: "Jake" <email@ml.jacobdevans.com>
Sent: Tuesday, May 30, 2017 1:15:32 PM
Subject: [Freeipa-users]SSH Key replication time/issues

Hey again,

I'm trying to track down how to ensure ssh keys are added AND removed quickly.

Right now it seems I must restart ipa services or sss_cache -E to force them to update, and there doesn't seem to be a determinate amount of time to allow replication.

Note, SSH keys are stored in the "Default View" for external users (external one-way trust with AD).

Thanks,

-Jake

_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org