The user-manage dynamic-user cache enable command enables the dynamic user cache function.
The undo user-manage dynamic-user cache enable command disables the dynamic user cache function.
By default, the dynamic user cache function is disabled.
In a scenario where the authentication server is separated from the import server and users are controlled based on dynamic security groups, the FW needs to query users' dynamic security groups towards the import server based on import policies.
To improve the efficiency in querying dynamic security groups, you can run this command to enable the dynamic user cache function.
After you enable this function, the FW queries the dynamic security group of a user that logs in for the first time towards the import server and creates a dynamic user list after the query completes. When the user logs in again, the FW queries the dynamic user list to obtain the dynamic security group information of this user.
After you run this command, you can also run the user-manage dynamic-user cache aging-time command to configure the aging time of the dynamic user cache and the user-manage dynamic-user cache sync-refresh schedule command to configure the update time of the dynamic user cache.