FMS 14 on OS X and LDAP/Active Directory Delays

Question asked by JohnDCCIU on Dec 7, 2015
We run FMS on OS X and a couple of years ago we started using Active Directory authentication.  It works great, but there's a significant delay between when changes are made in the AD and when FileMaker sees them, sometimes hours.  There doesn't seem to be any set syncing time, but I can force it to sync by opening the Directory Utility (where the AD is configured) and messing around in the list of AD Groups and Users....that seems to force FMS to see the changes.


This delay causes issues because when we add a new user to an AD Group to be able to access a database, we have no idea when they're actually going to be able to login.


Has anyone seen this behavior and has a way to keep the syncing relatively up-to-date? 


I'm not sure of the mechanism that FMS uses to query it keeping some cached list that it uses for performance reasons and so FMS is the problem because it's not updating its cache properly or frequently enough?  Or is it querying AD "live", which would lead me to believe that OS X is the place where the caching is occuring and so I need to do something at the OS level.