Central Users Management Caching issue?

Hi

I´ve konfigured my IS to use central users management (authentication is made against active directory).

The problem is that the Central Users Management feature seems to cache usernames/passwords locally, which means that if I update a certain users password in Active Directory the changes are not reflected in the IS, which causes access errors :frowning:

I´ve had this problem several times, and the only way I can get around it is to:

[Assume I have a ACL called MyACL, a group called MyGroup and a user called MyUser, which belongs to MyGroup]

  1. Remove the MyACL ACL (psysically) the AD group is mapped to
  2. Disconnect the IS from Active Directory (turn of Central…)
  3. Restart the IS
  4. Turn on Central…
  5. Restart the IS
  6. Recreate the MyACL ACL and map it to the MyGroup group in the AD.
  7. Done

As you see, this is a process you don´t want to do in an production environment. Has anyone had the same problem, and is there a good solution? IS there perhaps some way to clear the central users management cache?

I´m using IS 7.1.2

Best regards,
Mikael

Haven’t faced this problem… though we have similiar instances of password change/ user locked etc in external managed directory… which Core fix you are running on and what’s the directory service cache configuration in your environment??

Thanks for your reply

The cache capacity is set to 1000, and cache timeout is set to 1 hour.
We’re currently running on IS_7.1.2_Core_Fix21

However, we’re planning to apply IS_7.1.2_Core_Fix29 in our UAT environment, perhaps I will see some changes there regarding this issue.

The fixes nowdays are bundled together (with a bat script for automatic install), so it´s not the usual pain in the ass to apply them as is used to be :wink:

Regards,
Mikael

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.