I am a bit confused about the relationship between these 2 parameters.

In my setup test, it seems there 2 parameters are independent. If I set  "cached_auth_timeout" longer than "entry_cache_timeout", when "entry_cache_timeout" expires and "cached_auth_timeout" not,  I can still login with cached credentials.

Even if I clean all cache by "sss_cache -E", login with cached credentials still work as long as it is within the timeout period.

So my questions

- where is cached credential stored? Is it also the /var/lib/sss/db/* ? Then why  it cannot be invalidated by "sss_cache -E"?

- how can I invalidate it without restarting the sssd service?