Jiu Zheng wrote: > > I have a win2k domain controller, and winbindd is running on a FreeBSD box. > After a user has been authentiacted (using "wbinfo -a username%password"), > when "Member of" for this user is modified from the domain controller, > "wbinfo -r username" won't returns the new groups, unless you remove file > "winbindd_cache.tdb" then restart winbindd. It seems like winbindd > wouldn't try to refetch the group information after it is cached. > > I post this message to [EMAIL PROTECTED] a few days ago and no reply > yet. Could anyone look into this please?
(Assuming Samba 3.0, I'm not quite sure what ended up in 2.2) Yes, this behaviour is by design. Perhaps we need to reconsider the design. The problem is that we wanted to avoid an expencive call to the DC for every login, particularly as we are given a full list of the users groups in the reply to the authenticaion request. In particular, when we are not using LDAP and Active Directory, it appears that there is no other way to reterive these groups. BTW, I think the problematic file is netlogon_unigroup.tdb. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net
