The auth cache contains all fields returned by "password_query" (in itself a little odd), including the fields "nologin" and "reason".

If a user is cached with "nologin=Y" and the database-source is changed so nologin condition is no longer true, then the cache prevents login for as long as the TTL remain?

is there any way around this?

Thanks

Tom