Deleted Group in FreeIPA Still Comes Up

Paul

12/3/22, 4:47 PM

I'm having an issue deleting a group in FreeIPA. A group was previously created called "developer" for which I want to delete.

I go into "User Groups" in FreeIPA GUI and delete the offending group name. All sounds good, but then if I go to my clients and do

getent group developer

I get

developer:*:[gid]:(members list)

In other words, the still comes up. I go into the individual group members and the group does not show in their account.

How do I permanently delete this key?

I'm running FreeIPA version 4.5.4 on CentOS 7

Thanks!

1 + 0

freeipa

Score:2

Server

Michael Hampton

12/3/22, 4:57 PM

Most likely the member server has cached the group. The caching is done by sssd, which also handles many other services related to the domain.

You can use the sss_cache tool to manage the cache. For example, to clear all group entries from the cache:

sss_cache -G

0 + 1

Paul

12/3/22, 6:03 PM

Awesome. That did it. Thank you very much!

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Deleted Group in FreeIPA Still Comes Up

TH: Deleted Group in FreeIPA Still Comes Up

RO: Deleted Group in FreeIPA Still Comes Up

RU: Deleted Group in FreeIPA Still Comes Up

VI: Deleted Group in FreeIPA Still Comes Up

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.