-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Graeme Humphries wrote: | On Fri, 2005-06-10 at 12:54 -0500, Gerald (Jerry) Carter wrote: |>Try this as root: wbinfo -a 'domain\user%pw' |>(filling in the approriate username and password. |>Then su - 'domain\username' and run id. | | I'm using '+' as a delimiter, but in any case: | | # wbinfo -a 'DOMAIN+graemehu%password' | plaintext password authentication succeeded | challenge/response password authentication succeeded | [EMAIL PROTECTED]:~ # su - 'DOMAIN+graemehu' | [EMAIL PROTECTED]:~$ id | uid=10670(graemehu) gid=10047(maingroup) | groups=10011(the_group_that_never_showed_up) | | Yay! And, connecting to the share controlled by that | group, I can now get into it! HOORAY! | | So, my next question is, how do I force this to happen | on a global level for all users, say, every 5 minutes. ;)
are you using security = domain or ads ? If the latter then stop winbindd and remove $(lockdir)/netsamlogon_cache.tdb. If the former, then the cache should be updated every time the user's logs in. In technical terms, the cache is a copy of the NET_USER_INFO_3 structure in the samlogin() reply (used for NTLM authenication). You're not the first one to be bitten by this. It was more useful in Samba 2.2.x installations. We'll definitely fix this somehow before the next stable release. cheers, jerry -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCqdjEIR7qMdg1EfYRAn8kAKDvsoZmEZV42qdWc3jCgU/ybHlu7wCggr3p K99hFwGihwhxau6SzEoBJo8= =RnX8 -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
