[Samba] Offline logon and NSS...
gaio at sv.lnf.it
Fri Oct 18 09:19:27 UTC 2019
Mandi! Rowland penny via samba
In chel di` si favelave...
> No, if you have 'winbind offline logon = yes' set that is it as far as Samba
> is concerned, you also have to set up PAM to use cached logins.
> Winbind caches the users passwd etc, but renews it if the cache time has
> been exceeded unless an AD DC cannot be contacted i.e. they are all offline.
Speaking simply (and, of couse, supposing bug fixed):
a) NSS cache are permanent, and does not expire if there's NO DC
b) PAM cache need 'winbind offline logon = yes', and cache times, eg:
idmap cache time
winbind cache time
need to be tackled to suit the needs.
My misundestanding born by the fact that, to have full ''roaming''
client to work, it need account and group existance (NSS) and password
cache (PAM), ant i've no clear how the different winbind options play in
dott. Marco Gaiarin GNUPG Key ID: 240A3D66
Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/
Polo FVG - Via della Bontà, 7 - 33078 - San Vito al Tagliamento (PN)
marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797
Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
More information about the samba