[Samba] winbind or netsamlogon_cache.tdb issue

Lionel Déruaz lderuaz at free.fr
Tue Oct 25 15:03:06 GMT 2005


i am using samba 3.0.9 (winbind in particular) on RHES server for a squid
project : to authenticate users or check in they are member of some groups on
AD W2K servers.

It has been working fine for one year.

Last week, we have defined new AD groups to use for this project.

The problem that i am facing, is that for some users, the check to see if
the user is in the group is working fine, but for some other users, it returns
me an error (but the user is in the group !)I am using for this check the
wbinfo_group.pl file.
What i have noticed is that if i start winbind without cache, everything seems
to be ok.
Also, if i delete the netsamlogon_cache.tdb file and restart winbind, everything
seems to be ok.

Do you have a idea of what could have generated this situation ?

By the way, in my context could it be a solution to clear from time to time the
netsamlogon_cache.tdb file (i've seen in a previous post

that removing this file could be a temporary solution before update of samba

> In technical terms, the cache is a copy of the NET_USER_INFO_3
> structure in the samlogin() reply (used for NTLM authenication).
> You're not the first one to be bitten by this.  It was more
> useful in Samba 2.2.x installations.  We'll definitely fix
> this somehow before the next stable release.

Is this fixed in the 3.0.20b release ?

Thanks in advance for you help,

More information about the samba mailing list