[Samba] Winbind cache

Gerald (Jerry) Carter jerry at samba.org
Thu Jul 27 11:42:45 GMT 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Samuel Partida wrote:

> 1 Run 'groups aduser', the group membership for aduser 
> is shown
> 2 Change 'aduser' membership on the AD server.
> 3 Run 'groups aduser', the group membership for aduser is 
> shown but is not reflecting the changes made.
> 4 Restart winbind setting cache time to zero.
> 5 Repeat steps 1,2,3 and now it reflects all changes 
>   made on AD server.

Group membership is guaranteed to be reflected when the
user logs in.  running 'groups user' just answers out of cache.
When the user logs in, we get the complete group membership
in the Krb5 PAC or NetSamLogon() reply.

So run step

  2a: wbinfo -a 'AD\aduser%password'




cheers, jerry
=====================================================================
Samba                                    ------- http://www.samba.org
Centeris                         -----------  http://www.centeris.com
"What man is a man who does not make the world better?"      --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFEyKa1IR7qMdg1EfYRAt/pAKC/wrn/wyH3eFN95JGx6F7PsPZ27ACeO8Cy
T6RQAlvikLCNxLAWYdqjkT0=
=AGFm
-----END PGP SIGNATURE-----


More information about the samba mailing list