[Samba] "id" and "id username" don't match up when using Winbind groups

Fri Jun 10 19:16:32 GMT 2005

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Graeme Humphries wrote:

| ADS. I was under the impression that security = domain
| was broken with SP1? Or has than been fixed in 3.0.14a?

security = ads is better for windows 2003 sp1.  I just wanted
to clarify what your configuration was.  And we now think
that we know how to fix security = domain as well.

| Ok, so to clear this up in ADS continually, I'll
| need to make a cron job that shuts down winbind,
| removes this file, and then starts winbind up
| again?

*if* user's never fall back to NTLM authentication
\and always use kerberos tickets, the cache will
never be initialized for that user so theoretically
it should not cause a problem.  But then Windows
clients do tend to fallback to NTLM more than one
would expect.

Correct.

| Cool. As long as I have a workaround, I'm happy, but
| it'd be nice to have it cleaned up. Is 3.0.15
| the next stable release, or does Samba use the
| even=stable odd=devel numbering?

Well we're skipping a few release numbers due to
the large amount of upcoming changes.  So the next
stable release will be 3.0.20.  Here's the original
mail.

http://lists.samba.org/archive/samba/2005-May/106122.html

cheers, jerry
=====================================================================
Alleviating the pain of Windows(tm)      ------- http://www.samba.org
GnuPG Key                ----- http://www.plainjoe.org/gpg_public.asc
"I never saved anything for the swim back."     Ethan Hawk in Gattaca
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCqecQIR7qMdg1EfYRApgfAKC6MDbUPeVvt34CGL78J02Vndv2EACgrLV7
Gt40ZrBXvTs7LpdAlDaxjXA=
=pQpp
-----END PGP SIGNATURE-----