On 11 Nov 2021, at 11:29, L.P.H. van Belle via samba wrote:
> This sound like a "caching" thingy..
>
> What do you see if you, dont login but run a wbinfo -ug or
> a getent passwd user/group
We experience the same issue. Changes at group membership are not
available for a client until the user is logged in again.
Strange is, that if we `net cache flush` and even stop winbindd; remove
winbindd_*tdb; start winbindd the same old information is again there.
On the domain controller side everything is instantly available also
replicated to other domain controller.
Domain controller:
1. Add user to a group
2. `id username`
- Group is there
File server:
2. `id username`
- Group is not there
3. Login with as username
- Group is there
Is this by design?
4.15.2-SerNet-RedHat-6.el8
Greetings,
Tobias
> Is it updated then? (before you login).
>
> Greetz,
>
> Louis
>
>
>> -----Oorspronkelijk bericht-----
>> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
>> Stefan Kania via samba
>> Verzonden: donderdag 11 november 2021 10:28
>> Aan: samba at lists.samba.org >> samba
>> Onderwerp: [Samba] Groupmembership remains
>>
>> Hi to all,
>>
>> I have a strange problem: I put a user in a group, then
>> listing the user
>> with "id user" on a Linux-client which is member of the
domain. The
>> command is showing the groupmembership. Then I remove the
>> groupmembership. On the DC everything is fine, the user is no longer
>> member of the group, the memberOf attribute is also deleted from the
>> ldap-object. On the client the user is still member of the group when
>> looking with "id user". The groupmembership with "id
user" stays
>> until
>> the user is logging in to the client. Did I miss something,
>> or is it as bug?
>>
>>
>> Stefan
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
--
collect at shift.agency