When using APM with an LDAP AAA server, are results cached?

Question

I'm making extensive use of this sort of test:
      [mcget {session.ldap.last.attr.memberOf}] contains "My_Groupname"

I was previously using Active Directory authentication and queries rather than LDAP, but changing to LDAP has cut down the login wait from up to 15 seconds down to several seconds.
I'm almost certain that the APM is caching the membership results, however, because I make changes on the domain controller and the changes are not reflected on the BigIP - it seems to be using stale results.
Any suggestions on the expected behavior, and how to change it?
I know I can mix and and match AD and LDAP authentication and queries if necessary, and AD was also caching but didn't seem to be as long when I set it to 0 days, and I could manually clear that cache for testing purposes.

seth_cooper · Answer

Yes, the LDAP Groups results are cached and you can control the settings and clear the cache in the AAA object.&nbsp;
-Seth&nbsp;

Forum Discussion

When using APM with an LDAP AAA server, are results cached?

Recent Discussions

APM with EntraID as idP / request signed

Should config via cli rather than gui?

Background Tasks

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Question about irules and Virtual servers and caching of irules

Simple HTTP::redirect iRule results in a reset

Does an AD Query cache results?

How to stop caching until development is completed?

Why can I configure DNS Caches without a proper license ?

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS