Set refresh interval for access control cache

Specify the maximum number of minutes to keep information from the authorization store cached before it expires.

The authorization store is an Active Directory object that stores the rights, roles, and role assignments that the privilege elevation service uses to control access to dzdo privileged commands, dzsh restricted environments, and PAM-enabled applications. Because the agent handles connecting to and retrieving information from Active Directory, this configuration parameter controls how frequently adclient retrieves the privilege elevation service set of information from Active Directory if any such data has been modified in Active Directory.

If local account management is enabled, this group policy also specifies how often etc/group and etc/passwd are updated on UNIX and Linux computers, based on the local group and local user settings that you configure in Access Manager.

If this policy is not Enabled, the default is 30 minutes.

Starting with agent version 5.1.3, this group policy modifies the adclient.refresh.interval.dz setting in the agent configuration file.

Note:   Prior to agent version 5.1.3, this group policy modified the adclient.azman.refresh.interval setting. That setting was deprecated in version 5.1.3.