Notes.ini Entry



Name:

    LDAPName_Update_Suppress_Time

Syntax

    LDAPName_Update_Suppress_Time=Length of time in 1/100ths of a second

Applies to:

    Servers

Add-on:

First Release:

Obsolete since:

Category:

    Ldap

Default:

    1 hour

UI equivalent:

    None

Description:

        Specifies the maximum length of time that the results of a query to an LDAP directory, which has been marked for group expansion, will be cached for use in building nameslists. Upon expiration, the cached entries will be considered invalid and the creation of a nameslist will result in queries being sent to the LDAP directory. This addresses the situation, prior to Domino 6, in which the cache did not detect changes that occurred in LDAP directories that had been marked for group expansion, thus serving up stale data which had been cached from those directories indefinitely.

        The length of time that entries from an LDAP directory are considered valid in the group cache (see below for more details).

        This time is in 1/100ths of a second, so 6000 is one minute, 3000 is 30 seconds, and 30000 is 5 minutes.

        0 - The behavior is the same as R5; that is, updates to the LDAP directory are not detected and the group cache is flushed based only on updates to the Domino directory(ies) which are enabled for group expansion.

        x - If this variable is set to an integer value, this value is interpreted as the lifetime of information from remote LDAP directories in 1/100ths of a second.

        Thus, if this value is set to 6000, the information from the LDAP server will only be considered valid for 1 minute. If the LDAP server was marked for group expansion in the DA database, this would mean that the group cache would be considered stale after one minute. If the value were set to 60000, entries would expire after 10 minutes; if 360000, they would expire after 1 hour, etc. Settings below 6000 (3000 if the LDAP server task is running) are probably not useful, as these servers are subject to the same 1 minute (30 seconds if the LDAP server task is running) delay that Domino directories are subject to.

        No value - If the variable is not set at all, it will default to 360000 (1 hour).

        Problem

        You have set up Directory assistance to connect to your LDAP server. You have made changes to the ACL and have removed an LDAP user. However, you notice an hour has passed and the LDAP user can still authenticate and access the server and databases. It seems that the LDAP group is cached on the server. Is there any way to flush the LDAP group cache?

        Solution

        The notes.ini parameter LDAPName_Update_Suppress_Time was implemented in Domino® 6. This parameter allows the user to set the length of time entries from an LDAP directory are considered valid in the group cache. This information has been added to the Domino 6 release notes.

        Note 1:

        This parameter does not work for R5 servers. The only workaround for this issue on a Domino 5.x server would be to restart the HTTP task since the Directory assistance tables are only reloaded if there is a change in the Domino directories.

        Note 2:

        Settings below 6000 (3000 if the LDAP server task is running) are probably not useful as these servers are subject to a 1 minute (30 seconds if the LDAP server task is running) threshold and should be avoided.
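
A configuration check for this setting, as an added example that is not part of the original documentation: it reads notes.ini text and reports how long a change in the LDAP directory (such as a removed user) can go undetected in the group cache. The function names, the sample file contents, the case-insensitive key match and the handling of repeated or non-numeric values are assumptions.

```python
# Added example: audit LDAPName_Update_Suppress_Time in notes.ini text.
DEFAULT_TICKS = 360000        # page: unset defaults to 360000 (1 hour)
FLOOR_TICKS = 6000            # page: below 6000 is probably not useful
FLOOR_TICKS_LDAP_TASK = 3000  # page: 3000 if the LDAP server task is running
KEY = "ldapname_update_suppress_time"

# Constructed sample input, not taken from a real server.
SAMPLE_INI = "[Notes]\nKitType=2\nLDAPName_Update_Suppress_Time=60000\n"


def read_setting(ini_text):
    """Return the raw value, or None if the variable is absent.

    Assumptions: Key=Value lines, key matched case-insensitively,
    and the last occurrence is the one reported.
    """
    value = None
    for line in ini_text.splitlines():
        name, sep, raw = line.partition("=")
        if sep and name.strip().lower() == KEY:
            value = raw.strip()
    return value


def audit(ini_text, ldap_task_running=False):
    """Return (cache_lifetime_seconds, finding).

    The lifetime is None when LDAP changes are never detected or the
    value is outside what the documentation describes.
    """
    raw = read_setting(ini_text)
    if raw is None:
        return DEFAULT_TICKS / 100, "unset: default of 1 hour applies"
    if not (raw.isascii() and raw.isdigit()):
        return None, "invalid: not a non-negative integer"
    ticks = int(raw)
    if ticks == 0:
        return None, "zero: R5 behavior, LDAP updates are not detected"
    floor = FLOOR_TICKS_LDAP_TASK if ldap_task_running else FLOOR_TICKS
    if ticks < floor:
        return ticks / 100, "low: below %d, probably not useful" % floor
    return ticks / 100, "ok"


if __name__ == "__main__":
    seconds, finding = audit(SAMPLE_INI)
    print("LDAP group cache lifetime:", seconds, "s;", finding)
```
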