Use the Security Equivalence Vector (SEV) Update commands in the NSS Console utility (nsscon) to enable or disable the update, to set the update interval from 5 minutes to 90 days (specified in seconds), and to force an immediate update of security equivalence vectors. Polling too frequently can impact performance. Polling too infrequently can cause delays in granting or restricting access to certain users. For more information about SEV, see Section 20.2, Configuring the Security Equivalence Vector Update Frequency.
Enables or disables SEV updates to occur in the background in addition to updates that occur when the system reboots. If it is disabled, SEV updates occur only at system reboots.
To make it persistent, include the command in the /etc/opt/novell/nss/nssstart.cfg file.
Default: On (enabled)
Examples
To enable background updating, enter
nss /SecurityEquivalenceUpdating
To disable background updating, enter
nss /NoSecurityEquivalenceUpdating
Sets the SEV update interval to the specified value in seconds. At the end of the elapsed time, NSS requires updated SEVs from eDirectory.
To make it persistent, include the command in the /etc/opt/novell/nss/nssstart.cfg file.
Default: 7200 (2 hours)
Range: 300 (5 minutes) to 7776000 (90 days).
Forces the SEV update to occur immediately for all users in the NSS file system. Use this command if you modify a user’s access control settings in eDirectory and want those changes to be reflected immediately in the user’s active SEV for this server.
This command is invalid if used in the /etc/opt/novell/nss/nssstart.cfg file.
A unique abbreviation such as
nss /ForceS
also works.
Forces the user security equivalence background updating to start immediately. Use this command if you modify a user’s access control settings in eDirectory and want those changes to be reflected immediately in the user’s active SEV for this server.