Hello,
When using the LDAP backend with a DNS name (ldap_uri =
ldap://ldap.my.domain), I noticed that when the 'A' DNS record gets
modified, even if the OS resolver is getting the new IP address (command
'host ldap.my.domain' for instance), the sssd resolver
[be_resolve_server_process] was still caching the old LDAP IP address.
It seems that an sssd restart is necessary (then, on the next request for
a non-cached entry, a new connection is made to the new IP address).
I didn't change 'ldap_connection_expire_timeout', which, by the way, I'm
not sure I quite understand, since if I grep 'Found address for server' in
the sssd log files, I don't see 15 min intervals.
So my questions are:
- is there a way to flush that cached IP (other than restarting)?
- without a restart, would the sssd resolver indefinitely cache the old IP
address?
- why don't I see periodic 15 min intervals on 'Found address' in the logs?
Thanks
--
Thomas HUMMEL