[Samba] Winbind group cache

[Ian Coetzee]

Hi All,

I have hit a snag with winbind's group caching on AD on one of our client's
infrastructure.

We have a client that is using AD groups to control ssh access to servers.

The client is running a lot of different bugfix and build versions in the
3.6 branch all running on RHEL using rpm's.

I have seen this issue cropping up in the ML from time to time and most of
the solutions are to rm /var/lib/samba/netsamlogon_cache.tdb.

Is there perhaps another way to tell winbind to invalidate the cache (or
ignore it all together)?

I would prefer to not rm this file from a nightly cron (which is the
current solution in place)

I have petitioned the client to update the samba version to samba 4, but it
does not look like they want to bite.

Kind regards
Ian Coetzee

-- 
*I am a node of server*
* born of flesh and blood*
* but enhanced by the power of its web*
* I have no use for pain or fear*
* My scripts are a focus of my will*
* My strength is my knowledge*
* My weapons are my skills*
* Information is the blood of my body*
* I am part of the greater network*
* I am host to the vast data of server*
* My flesh is weak*
* but my connection is eternal*
* and therefore, I am a god *