Sssd is not cleaning up cache

From Bitbull Wiki

Revision as of 06:53, 20 October 2017 by Chris (talk | contribs) (→‎Problem)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

Contents

1 General
2 Problem
3 debugging
4 solution
5 Final note

1 General

OS: CentOS7

I maintain a Linux filer which is connected to both worlds:

Windows PCs conected to AD
OpenLDAP Proxy connected to AD
Linux clients connecting to OpenLDAP proxy
Linux & Windows clients connected to Linux Filer
Linux Filer connected to AD via sssd

2 Problem

logged into the filer

id some-user

was not showing the same results as ad-manager on DC

3 debugging

verify sssd.conf
verify /etc/nssswitch.conf
cmd: getent passwd
cmd: getent group
cmd: id
App: Apache Directory Studio
cmd: tcpdump
cmd: lsof

4 solution

Finally I found that sssd configuration is correct
The difference in group membership must come from somewhere else
This comand showed me the problem:

find /var/ | grep sss | egrep -v 'yum|log'

cd /var/lib/sss/db
mkdir _old
mv * _old/
systemctl restart sssd
id some-user

5 Final note

If you google for: sssd /var/lib/sss/db cache cleanup You can find a lot of infos, but to get there ... is sometimes not easy.

Retrieved from "http://www.bitbull.ch/wiki/index.php?title=Sssd_is_not_cleaning_up_cache&oldid=3730"