wbinbindd fails to update cache (3.0 alpha-20)

Andrew Bartlett abartlet at samba.org
Wed Oct 9 21:20:01 GMT 2002

Jiu Zheng wrote:
> I have a win2k domain controller, and winbindd is running on a FreeBSD box.
> After a user has been authentiacted (using "wbinfo -a username%password"),
> when "Member of" for this user is modified from the domain controller,
> "wbinfo -r username" won't returns the new groups, unless you remove file
> "winbindd_cache.tdb" then restart winbindd. It seems like winbindd
> wouldn't try to refetch the group information after it is cached.
> I post this message to samba-bugs at samba.org a few days ago and no reply
> yet. Could anyone look into this please?

(Assuming Samba 3.0, I'm not quite sure what ended up in 2.2)

Yes, this behaviour is by design.  Perhaps we need to reconsider the
design.  The problem is that we wanted to avoid an expencive call to the
DC for every login, particularly as we are given a full list of the
users groups in the reply to the authenticaion request.

In particular, when we are not using LDAP and Active Directory, it
appears that there is no other way to reterive these groups.  BTW, I
think the problematic file is netlogon_unigroup.tdb.

Andrew Bartlett

Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net

More information about the samba-technical mailing list