[Samba] Adding user to group doesn't propagate?
Harald Hannelius
harald+samba at arcada.fi
Wed Apr 7 10:12:14 UTC 2021
On Thu, 24 Sep 2020, Rowland penny via samba wrote:
> On 24/09/2020 12:30, L.P.H. van Belle via samba wrote:
>> This test also needs the info on.. which backend? ..
> I was using the 'ad' backend, but I think this doesn't make any difference
>>
>> And, did you login/logout again after adding the user.
> No, I didn't, but the only way I could get the user to show up as a member of
> the group was to run 'wbinfo -a username' which amounts to re-authenticating.
I have been struggling with this for months, and this one user didn't ever
get their group-membership updated on one member-server for some reason.
If I added this user to a group in AD, the user did show up in the group on
another member-server, verified by checking with 'id username'.
The user must have re-authenticated since September 2020.
I now set the password for the user to a password I know, used 'wbinfo -a
username' on the problematic member-server and the user membership finally
got updated. The resynched the password-hash from LDAP back to the original
one.
Something fishy is going on, but I don't know where to look. And since this
isn't a bug I can't do anything more than try to describe how to circumvent
this non-bug :)
--
Harald Hannelius | harald.hannelius/a\arcada.fi | +358 50 594 1020
More information about the samba
mailing list