Active directory frequently

Hi Guys,

i have user : test1
i have assigned user to an active directory group, for example: elastic_admin which have superuser permissions.
then, i have removed the user from elastic_admin and assign him to elastic_readers active directory group which has only read permessions.

when i have logged in i have seen that elastic still recognize my user as admin, how long it would take elastic to sync with active directory?

Thanks,
Gidi

By default, the AD realm caches user information for 20 minutes.

You can:

• wait 20 minutes
• change the expiry time
• or explicitly clear the cache

https://www.elastic.co/guide/en/elasticsearch/reference/7.5/controlling-user-cache.html

Thanks alot Tim!