Hi all,
According to the fine Samba manual in chapter 23:
----------------------------
To reduce the network cost of these lookups, Winbind uses a caching
scheme based on the SAM sequence number supplied by NT domain
controllers. User or group information returned by a PDC is cached by
Winbind along with a sequence number also returned by the PDC. This
sequence number is incremented by Windows NT whenever any user or group
information is modified. If a cached entry has expired, the sequence
number is requested from the PDC and compared against the sequence
number of the cached entry. If the sequence numbers do not match, then
the cached information is discarded and up-to-date information is
requested directly from the PDC.
----------------------------
The problem I'm currently having could be explained by the server not
updating the sequence number. Is it possible to manually expire all
entries in the cache and force winbind to go direct to the PDC?
"net cache" doesn't work (different cache.)
I'm assuming 'wbinfo' goes direct all the time, because it returns
up
to date info, as does 'getent group ...' it's just Samba that's
stuck
with old/cached data.
Thanks,
Adam.
