This configuration parameter specifies how long ldapproxy holds the ldapproxy credential cache. The cache expires in the specified number of seconds. Default is 300 seconds:

ldapproxy.cache.credential.expires <seconds>

The ldapproxy credential cache retains the user login Active Directory verification.

  • If a user logs in within the expiration window, ldapproxy does not require another adclient verification.
  • If a user logs in and the ldapproxy credential cache is expired, ldapproxy sends a request for authentication to adclient. adclient can authenticate using its own cache or send to AD for authentication.

Restart centrify-ldapproxy to apply changes.

[root]$ /usr/share/centrifydc/bin/centrify-ldapproxy restart