OLAC has two levels of caching: The first level of OLAC caching occurs in OLAC server (OACJAVA), which caches the protected resource name and its associated OLAC parameters, data source, and value (the name of the attribute in case of LDAP) initially when the OLAC server is started and/or when it is issued an OACREFRESH command.
You can refresh OLAC from the Web GUI (on the Access Control page) or you can run OACREFRESH from the NetWare® prompt (not the iChain prompt) on the iChain console. OACREFRESH is a Java program that opens a socket to the OLAC server and sends the REFRESH command. After receiving the command, the OLAC server refreshes the cache. OLAC is also refreshed when the administrator opts to refresh the iChain Proxy configuration in the ISO snap-in in ConsoleOne after making changes. OLAC also auto-refreshes every n minutes, where n is specified in the oac.properties file. This value currently defaults to 180 minutes.
The second level of OLAC caching is for OLAC values cached in proxy for that user session, and it cannot be refreshed by any command. The life of this cache is only for that authenticated user session. OLAC refresh gets the changes in the protected resources and associated parameter definitions. It does not refresh any LDAP connections. The administrator must restart OLAC for those changes to take effect. Restarting OLAC can be done easily from the Access Control page in the Web GUI.