[Samba] winbind, nsswitch, AD and group membership caching?
Rowland Penny
rpenny at samba.org
Fri Jun 1 10:42:13 UTC 2018
On Fri, 01 Jun 2018 12:11:57 +0200
Kristian via samba <samba at lists.samba.org> wrote:
> Hi Rowland;
>
> thanks for your comment.
>
> Am Freitag, den 01.06.2018, 11:05 +0100 schrieb Rowland Penny via
> samba:
> >
> > Have the users logged in ? If not, then this is the expected
> > behaviour.
> >
>
> The users have logged in several times using ssh; does that suffice?
>
> As far as I can tell right now, it *looks* like this is computed just
> exactly once and never updated. Did a quick check with an empty VM
> that joined the domain; after logging in there with the same user,
> group assignment is the same as in Windows AD. Forgot to mention
> before: I'm on Ubuntu 16.04 / samba 4.3.11.
>
> Best regards,
> Kristian
>
OK, how are you running the Unix domain members ?
Are you using the 'ad' or the 'rid' winbind backend ?
If you are using the 'ad' backend, have you given the groups a
gidNumber ?
Try running 'net cache flush' on the Unix domain member.
Rowland
More information about the samba
mailing list