12 April,16 at 11:09 AM
Applies to: Centrify DirectAudit 3.0 and above
Question:
What does the command daflush do?
Answer:
1. daflush will flush DirectAudit's in-memory cache for name service queries.
2. daflush also automatically flushes common name service caching daemons (such as nscd and pwgrd) if any of them are running.
If a user changed something that affects name service query, and wants to see the result immediately, running daflush will help.
For example, if an admin removed the 'UNIX login' role of an AD user, the admin would expect no result to be returned when running 'getent passwd aduser'.
However if DA is enabled, and DA's cache has the information of the AD user, some result is returned, even after CDC's cache is flushed (adflush).
Running daflush would make DA's cache and system's cache forget the user immediately.