[Samba] SID history secondary group set bloat
Ralph Boehme
slow at samba.org
Wed Jun 9 14:32:03 UTC 2021
Am 09.06.21 um 16:05 schrieb Weiser, Michael:
> Yeah, I find that message in log.winbinds-idmap now:
>
> root at debian:~# grep autorid.*config.*default /var/log/samba/log.winbindd*
> /var/log/samba/log.winbindd-idmap: idmap_autorid_initialize: Error: autorid configured for domain 'example'. But autorid can only be used for the default idmap configuration.
> /var/log/samba/log.winbindd-idmap: idmap_autorid_initialize: Error: autorid configured for domain 'example'. But autorid can only be used for the default idmap configuration.
> /var/log/samba/log.winbindd-idmap: idmap_autorid_initialize: Error: autorid configured for domain 'example'. But autorid can only be used for the default idmap configuration.
>
> But even as default backend it shows a similar issue with SID history as idmap_nss (see end of my previous mail for full details):
sorry, much too busy to fully read all that.
> root at debian:/var/cache/samba# id EXAMPLE\\secretuser
> uid=301142(EXAMPLE\secretuser) gid=300513(EXAMPLE\domain users) groups=300513(EXAMPLE\domain users),301142(EXAMPLE\secretuser),472199(EXAMPLE\secret),572198(EXAMPLE\secret),301141(EXAMPLE\secret),301132(EXAMPLE\cae)
>
> Any idea why?
caching?
Have you tried net cache flush and restarted winbind so the winbind
cache gets flushed too?
Cheers!
-slow
--
Ralph Boehme, Samba Team https://samba.org/
Samba Developer, SerNet GmbH https://sernet.de/en/samba/
GPG-Fingerprint FAE2C6088A24252051C559E4AA1E9B7126399E46
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20210609/9fca2407/OpenPGP_signature.sig>
More information about the samba
mailing list