[Samba] winbind offline logon

Piviul piviul at riminilug.it
Wed Jan 20 08:20:47 UTC 2021


Reading this[¹] Samba wiki page and applying it, offline authentication seems 
to work, but in the real world it doesn't work at all... let me explain. If 
I put winbind offline using smbcontrol, offline authentication works 
flawlessly:

> $ wbinfo -K <domain>\\<username>
> Enter <domain>\<username>'s password:
> plaintext kerberos password authentication for [<domain>\<username>] 
> succeeded (requesting cctype: FILE)
> credentials were put in: FILE:/tmp/krb5cc_21046
> $ sudo smbcontrol winbind offline
> $ wbinfo -K <domain>\\<username>
> Enter <domain>\<username>'s password:
> plaintext kerberos password authentication for [<domain>\<username>] 
> succeeded (requesting cctype: FILE)
> user_flgs: NETLOGON_CACHED_ACCOUNT
> credentials were put in: FILE:/tmp/krb5cc_21046

But offline authentication should work when the PC can't connect to the 
AD. So I have disconnected the PC from the LAN and all seems to work:

> $ wbinfo -K <domain>\\<username>
> Enter <domain>\<username>'s password:
> plaintext kerberos password authentication for [<domain>\<username>] 
> succeeded (requesting cctype: FILE)
> user_flgs: NETLOGON_CACHED_ACCOUNT
> credentials were put in: FILE:/tmp/krb5cc_21046


But if I restart the PC without the LAN cable:

> $ wbinfo -K <domain>\\<username>
> Enter <domain>\<username>'s password:
> plaintext kerberos password authentication for [<domain>\<username>] 
> failed (requesting cctype: FILE)
> wbcLogonUser(DOMINIOCSA\psala): error code was NT_STATUS_NO_SUCH_USER 
> (0xc0000064)
> error message was: The specified account does not exist.
> Could not authenticate user [<domain>\<username>] with Kerberos 
> (ccache: FILE)
> $ getent passwd <domain>\\<username>
> <domain>\\<username>:*:21046:10513:User 
> Name:/home/domain/username:/bin/bash

So the account seems to exist (getent passwd seems to work correctly) 
but cached login doesn't...

Can someone help me troubleshoot this problem?

Piviul

[¹] https://wiki.samba.org/index.php/PAM_Offline_Authentication



