Viktor Trojanovic
2020-Aug-18 16:09 UTC
[Samba] Samba AD member - how to force sync AD attributes?
I have a setup with a single Windows DC and a couple of Samba member servers, set up using the AD backend. I noticed I made a mistake when setting up a group, giving it a gidNumber that was already in use. So, using ADUC, I quickly changed it to a free number. And yet, running the command on a member server, getent group still shows the number from before the change. 20 minutes later, still the same picture. That confuses me a bit. Shouldn't getent query the DC directly? Instead, it seems to access some cached information that, in this specific case, is no longer valid. If that's the case, can I somehow flush the cache or speed up the synchronization? I tried reloading the configuration, restarting all components (smbd, nbmd, winbind), all to no avail. By the way, wbinfo shows the correct, updated information. Viktor
L.P.H. van Belle
2020-Aug-18 16:14 UTC
[Samba] Samba AD member - how to force sync AD attributes?
Hai, Try net cache flush restart samba, test again. Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Viktor Trojanovic via samba > Verzonden: dinsdag 18 augustus 2020 18:09 > Aan: samba > Onderwerp: [Samba] Samba AD member - how to force sync AD attributes? > > I have a setup with a single Windows DC and a couple of Samba member > servers, set up using the AD backend. > > I noticed I made a mistake when setting up a group, giving it > a gidNumber > that was already in use. So, using ADUC, I quickly changed it > to a free > number. > > And yet, running the command on a member server, getent group > still shows > the number from before the change. 20 minutes later, still the same > picture. > > That confuses me a bit. Shouldn't getent query the DC > directly? Instead, it > seems to access some cached information that, in this > specific case, is no > longer valid. If that's the case, can I somehow flush the > cache or speed up > the synchronization? I tried reloading the configuration, > restarting all > components (smbd, nbmd, winbind), all to no avail. > > By the way, wbinfo shows the correct, updated information. > > Viktor > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > >
Maybe Matching Threads
- New AD user cannot access file share from member server
- New AD user cannot access file share from member server
- New AD user cannot access file share from member server
- New AD user cannot access file share from member server
- New AD user cannot access file share from member server