[Samba] Adding user to group doesn't propagate?

Harald Hannelius harald+samba at arcada.fi
Wed Apr 7 10:12:14 UTC 2021

On Thu, 24 Sep 2020, Rowland penny via samba wrote:

> On 24/09/2020 12:30, L.P.H. van Belle via samba wrote:
>> This test also needs the info on.. which backend? ..
> I was using the 'ad' backend, but I think this doesn't make any difference
>> And, did you login/logout again after adding the user.
> No, I didn't, but the only way I could get the user to show up as a member of 
> the group was to run 'wbinfo -a username' which amounts to re-authenticating.

I have been struggling with this for months, and this one user didn't ever 
get their group-membership updated on one member-server for some reason.

If I added this user to a group in AD, the user did show up in the group on 
another member-server, verified by checking with 'id username'.

The user must have re-authenticated since September 2020.

I now set the password for the user to a password I know, used 'wbinfo -a 
username' on the problematic member-server and the user membership finally 
got updated. The resynched the password-hash from LDAP back to the original 

Something fishy is going on, but I don't know where to look. And since this 
isn't a bug I can't do anything more than try to describe how to circumvent 
this non-bug :)


Harald Hannelius | harald.hannelius/a\arcada.fi | +358 50 594 1020

More information about the samba mailing list