[Samba] Group memberships on Linux AD Member (syncing randomly)
Matthias Leopold
matthias.leopold at meduniwien.ac.at
Mon Jul 3 09:43:43 UTC 2023
Thanks for explaining, I wasn't aware of this. Maybe this should be
mentioned more prominently in the docs (I hope I didn't overlook anything).
Matthias
Am 30.06.23 um 16:23 schrieb Ralph Boehme via samba:
> Hi Matthias,
>
> On 6/30/23 15:40, Matthias Leopold via samba wrote:
>> Can someone explain what is happening or where I need to tune?
>
> this is by design. :)
>
> The only reliable way (lacking S4U2SELF support) to get group membership
> for an AD user, is using the group list the DC passes along to us as
> part of the authentication process.
>
> We're trying extra hard to store this data *persistently* in the
> SAM-logon cache and not in an easily user flushable cache.
>
> -slow
>
>
More information about the samba
mailing list