[Samba] New group membership not taken into account on member servers

Min Wai Chan dcmwai at gmail.com
Sat Oct 4 11:12:54 MDT 2014

Try these?

This should short the cache time to 5 mins
Cut it lower if you need a shorter time...

        winbind cache time = 300
        idmap cache time = 300
        idmap negative cache time = 300

On Sat, Oct 4, 2014 at 11:47 PM, Sébastien Le Ray <sebastien-samba at orniz.org
> wrote:

> Le 04/10/2014 14:29, Volker Lendecke a écrit :
>> On Sat, Oct 04, 2014 at 02:14:15PM +0200, Sébastien Le Ray wrote:
>>> Hi,
>>> Le 04/10/2014 10:55, Vash a écrit :
>>>> Are you using rfc2307 and NIS extension?
>>>>  Yes I am. All groups have a unix GID, the configuration is correct
>>> on the member server (since the working one and the non-working one
>>> have the same smb.conf except for the share options…)
>>> On the two DC I have on the domain wbinfo -r username gives correct
>>> results, ADUC gives correct results no matter which DC is selected.
>>> Running winbind -i -n does not solves the issue (so this does not
>>> seem to be a cache issue)
>> Please retry after doing wbinfo -a or doing a SMB/PAM login.
>>  Hi,
> No change… This seems to be some cache issue (but not at winbind level
> since -n doesn't solve it) but even net cache flush doesn't solve it.
> In fact the issue occurs on the three servers… It seems that the one that
> seemed  to work had its cache clean, I just added myself to a group,
> checked on both DC (all right), net cache flush + wbinfo -a… The group is
> still not shown (but --group-info indicates that I'm member).
> Any further suggestion?
> Regards
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list