[Samba] Winbind group cache

Rowland penny rpenny at samba.org
Wed Jul 15 13:29:50 UTC 2020

On 15/07/2020 13:59, Ian Coetzee via samba wrote:
> Hi All,
> I have hit a snag with winbind's group caching on AD on one of our client's
> infrastructure.
> We have a client that is using AD groups to control ssh access to servers.
> The client is running a lot of different bugfix and build versions in the
> 3.6 branch all running on RHEL using rpm's.
> I have seen this issue cropping up in the ML from time to time and most of
> the solutions are to rm /var/lib/samba/netsamlogon_cache.tdb.
> Is there perhaps another way to tell winbind to invalidate the cache (or
> ignore it all together)?
> I would prefer to not rm this file from a nightly cron (which is the
> current solution in place)
> I have petitioned the client to update the samba version to samba 4, but it
> does not look like they want to bite.
> Kind regards
> Ian Coetzee
Just tell them that RHEL/Centos 6 goes EOL in November ;-)

They really should upgrade, there have been numerous CVE's that have not 
been backported to 3.6.x because it is EOL.

There have also been numerous bugfixes that haven't been backported.


More information about the samba mailing list