[Samba] Winbind group cache
Ian Coetzee
samba at iancoetzee.za.net
Thu Jul 16 07:06:05 UTC 2020
On Wed, 15 Jul 2020 at 15:29, Rowland penny via samba <samba at lists.samba.org>
wrote:
> On 15/07/2020 13:59, Ian Coetzee via samba wrote:
> > Hi All,
> >
> > I have hit a snag with winbind's group caching on AD on one of our
> client's
> > infrastructure.
> >
> > We have a client that is using AD groups to control ssh access to
> servers.
> >
> > The client is running a lot of different bugfix and build versions in the
> > 3.6 branch all running on RHEL using rpm's.
> >
> > I have seen this issue cropping up in the ML from time to time and most
> of
> > the solutions are to rm /var/lib/samba/netsamlogon_cache.tdb.
> >
> > Is there perhaps another way to tell winbind to invalidate the cache (or
> > ignore it all together)?
> >
> > I would prefer to not rm this file from a nightly cron (which is the
> > current solution in place)
> >
> > I have petitioned the client to update the samba version to samba 4, but
> it
> > does not look like they want to bite.
> >
> > Kind regards
> > Ian Coetzee
> >
> Just tell them that RHEL/Centos 6 goes EOL in November ;-)
>
> They really should upgrade, there have been numerous CVE's that have not
> been backported to 3.6.x because it is EOL.
>
> There have also been numerous bugfixes that haven't been backported.
>
> Rowland
>
Hi Roland,
Thank you for the reply, I will see about getting them to upgrade, but so
far there has been no luck - they can't afford to be offline, so they don't
want updates -
Will an update to samba 4.x fix the caching issue?
Kind regards
Ian Coetzee
More information about the samba
mailing list