As documentation explain, I use an AD Database Hybrid and it work well.
But if we add/edit some roles changes, all system.user API (like getUsers, getUser...) and aren't update until the Cache Validation Timeout of the userSource.
AD Database Hybrid - Ignition User Manual 8.1 - Ignition Documentation.
How to fix it, for responsive management users with perspective session?
Moreover, I don't understand the sAMAccountName / userPrincipalName that returned by the Active Directory. It seems that if I try to connect user with his userPrincipalName the sAMAccountName returned by AD is the same of userPrincipalName and if I try with his sAMAccountName the userPrincipalName returned by AD seems to be the same of sAMAccountName ?
How can I fix this if operator use 'userPrincipalName' (ex:toto) / 'sAMAccountName' (ex:firstname.lastname@example.org) notation for roles association with hybrid database ?