[Samba] 'dirty cache' on a DC?
Marco Gaiarin
gaio at sv.lnf.it
Wed Feb 10 15:57:55 UTC 2021
I needed to cleanup membership in a user, and i've used ADUC. To verify
it i've done on the DC with FSMO roles:
root at vdcsv1:~# id adonella
uid=12105(LNFFVG\adonella) gid=10513(LNFFVG\domain users) gruppi=10513(LNFFVG\domain users),11037(LNFFVG\sv_piscina),11034(LNFFVG\sv_maestre),11085(LNFFVG\sv_materna),3000009(BUILTIN\users)
The old membership. But on another dc or in a dm:
root at vdcsv2:~# id adonella
uid=12105(LNFFVG\adonella) gid=10513(LNFFVG\domain users) gruppi=10513(LNFFVG\domain users),11029(LNFFVG\sv_riabili_npm),3000009(BUILTIN\users)
root at vdmpp1:~# id adonella
uid=12105(adonella) gid=11029(sv_riabili_npm) gruppi=11029(sv_riabili_npm),10513(domain users),11032(sv_riabili),5001(BUILTIN\users)
the data is correct. In LDAP, the data seems correct too, even for the
DC with FSMO roles:
root at vdcsv1:~# ldbsearch -H /var/lib/samba/private/sam.ldb "(SamAccountName=adonella)" | egrep "(gidNumber|memberOf)"
gidNumber: 11029
memberOf: CN=sv_riabili_npm,OU=Users,OU=SanVito,OU=FVG,DC=ad,DC=fvg,DC=lnf,DC=
What is happening?! Thanks.
PS: i've just tried to do a 'net cache flush' on the DC.
--
dott. Marco Gaiarin GNUPG Key ID: 240A3D66
Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/
Polo FVG - Via della Bontà, 7 - 33078 - San Vito al Tagliamento (PN)
marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797
Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
More information about the samba
mailing list