AD Database Hybrid update user roles modify

As documentation explain, I use an AD Database Hybrid and it work well.
But if we add/edit some roles changes, all system.user API (like getUsers, getUser...) and aren't update until the Cache Validation Timeout of the userSource.

AD Database Hybrid - Ignition User Manual 8.1 - Ignition Documentation.

How to fix it, for responsive management users with perspective session?



Moreover, I don't understand the sAMAccountName / userPrincipalName that returned by the Active Directory. It seems that if I try to connect user with his userPrincipalName the sAMAccountName returned by AD is the same of userPrincipalName and if I try with his sAMAccountName the userPrincipalName returned by AD seems to be the same of sAMAccountName ?

How can I fix this if operator use 'userPrincipalName' (ex:toto) / 'sAMAccountName' (ex:toto@entreprise.local) notation for roles association with hybrid database ?