wbinbindd fails to update cache (3.0 alpha-20)

Jiu Zheng jiu at stbernard.com
Wed Oct 9 22:06:00 GMT 2002

> > I have a win2k domain controller, and winbindd is running on a FreeBSD box.
> > After a user has been authentiacted (using "wbinfo -a username%password"),
> > when "Member of" for this user is modified from the domain controller,
> > "wbinfo -r username" won't returns the new groups, unless you remove file
> > "winbindd_cache.tdb" then restart winbindd. It seems like winbindd
> > wouldn't try to refetch the group information after it is cached.
> >
> > I post this message to samba-bugs at samba.org a few days ago and no reply
> > yet. Could anyone look into this please?
> (Assuming Samba 3.0, I'm not quite sure what ended up in 2.2)

2.2.5 does not have such a problem.

> Yes, this behaviour is by design.  Perhaps we need to reconsider the
> design.  The problem is that we wanted to avoid an expencive call to the
> DC for every login, particularly as we are given a full list of the
> users groups in the reply to the authenticaion request.

The problem is that it seems the old information is kept in cache forever.
If we try to avoid expensive calls, can we define a timeout value so we
don't it very often?

> In particular, when we are not using LDAP and Active Directory, it
> appears that there is no other way to reterive these groups.  BTW, I
> think the problematic file is netlogon_unigroup.tdb.
> Andrew Bartlett
> --
> Andrew Bartlett                                 abartlet at pcug.org.au
> Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
> Student Network Administrator, Hawker College   abartlet at hawkerc.net
> http://samba.org     http://build.samba.org     http://hawkerc.net

More information about the samba-technical mailing list