[Samba] Samba ads not refreshing domain controller group modifications

tita.boba at libero.it tita.boba at libero.it
Mon Jul 31 06:25:16 GMT 2006


> Helo  

Hi

> My problem can be described in the following way. 
> -         getent group and getent passwd work well , when I add or delete 
> a user from one group the modification is displayed with getent 
> -         I chown user:group over a file in samba the user from that group 
> can access it 
> -         BUT when I delete the user from the group in my DC ,he/she can 
> still acces the share even after 24hours until I restart samba and winbind
> -         after restart he/she is denied according to group to access the 
> share 
>  
> Can anyone give me a tip ?
>  
> Thanks in advance for any answer

I think it's winbind cache problem.
Try to set 
winbind cache time = 10
on your global conf and restart.
winbind cache reply from ad server for only 10 seconds.
If your ad is a forest with multidomain the situation is different, the gc cache reply from other domains and i don't know how to solve this. Is my problem.
Bye.


___________________________________________________________________
Vuoi sapere cosa realmente succede a casa o ufficio quando non ci sei ? Ora puoi farlo ...e senza spendere un capitale!
http://click.libero.it/dmail2




More information about the samba mailing list