samba - Oct 2005 - winbind or netsamlogon_cache.tdb issue

Hello,

i am using samba 3.0.9 (winbind in particular) on RHES server for a squid
project : to authenticate users or check in they are member of some groups on
AD W2K servers.

It has been working fine for one year.

Last week, we have defined new AD groups to use for this project.

The problem that i am facing, is that for some users, the check to see if
the user is in the group is working fine, but for some other users, it returns
me an error (but the user is in the group !)I am using for this check the
wbinfo_group.pl file.
What i have noticed is that if i start winbind without cache, everything seems
to be ok.
Also, if i delete the netsamlogon_cache.tdb file and restart winbind, everything
seems to be ok.

Do you have a idea of what could have generated this situation ?

By the way, in my context could it be a solution to clear from time to time the
netsamlogon_cache.tdb file (i've seen in a previous post
http://groups.google.fr/group/linux.samba/tree/browse_frm/thread/43aea39f2f999fc7/7cd4c058dd74836f?rnum=1&hl=fr&q=netsamlogon_cache.tdb+&_done=%2Fgroup%2Flinux.samba%2Fbrowse_frm%2Fthread%2F43aea39f2f999fc7%2F7cd4c058dd74836f%3Ftvc%3D1%26q%3Dnetsamlogon_cache.tdb+%26hl%3Dfr%26#doc_103cdda4881a95a7

that removing this file could be a temporary solution before update of samba
> In technical terms, the cache is a copy of the NET_USER_INFO_3
> structure in the samlogin() reply (used for NTLM authenication).
> You're not the first one to be bitten by this.  It was more
> useful in Samba 2.2.x installations.  We'll definitely fix
> this somehow before the next stable release.
Is this fixed in the 3.0.20b release ?

Thanks in advance for you help,
Lionel

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Lionel D?ruaz wrote:

| The problem that i am facing, is that for some users, the check
| to see if the user is in the group is working fine,
| but for some other users, it returns me an error (but
| the user is in the group !)I am using for this check the
| wbinfo_group.pl file. What i have noticed is that
| if i start winbind without cache, everything seems
| to be ok. Also, if i delete the netsamlogon_cache.tdb
| file and restart winbind, everything seems to be ok.
|
...
|> In technical terms, the cache is a copy of the NET_USER_INFO_3
|> structure in the samlogin() reply (used for NTLM authenication).
|> You're not the first one to be bitten by this.  It was more
|> useful in Samba 2.2.x installations.  We'll definitely fix
|> this somehow before the next stable release.
|
| Is this fixed in the 3.0.20b release ?

No. But the netsamlogon_cache file has been removed in
3.0.21pre1 altogether.





cheers, jerry
====================================================================Alleviating
the pain of Windows(tm)      ------- http://www.samba.org
GnuPG Key                ----- http://www.plainjoe.org/gpg_public.asc
"There's an anonymous coward in all of us."              
--anonymous
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDXk6AIR7qMdg1EfYRAuM2AJ0dJK7XGxEWkVhvQ930PHfq+itmMwCgkwtH
rpsN2IifOIXRmVX9uN1AjwY=APkN
-----END PGP SIGNATURE-----