[Samba] Persistent Winbind gid cache
Prunk Dump
prunkdump at gmail.com
Mon Oct 8 13:26:28 UTC 2018
Hello Samba team !
I'm network administrator in a french high school where I store my
user/group ID using rfc2307. My client stations use Winbind to query
rfc2307 attributes.
Each new years, as all my students move to another class, almost all
my user's gid are updated in AD.
This gid is very important in my network because pam_mount mount only
the share corresponding the to user's gid.
I don't know why, but sometimes the old gid ( from the previous year
) is attributed by pam_mount to the user so the wrong share are
mounted. So I suspect some persistent Winbind cache.
>From the documentation :
-> idmap cache time default to one week
-> winbind cache time default to 5 minutes
But after nearly two months I still experience some bad group attribution.
All my servers and clients are Debian Stretch with Samba-4.5.12.
Is there some case (ex : slow server response) where Winbind use a
cached uid/gid even if the cache time is over ?
Is there someone that can't give me some tips to investigate the problem ?
Regards,
Baptiste.
More information about the samba
mailing list