[Samba] AD Group update lag / cache, firewall related?

Hey again all,

After the rather excellent assistance from a few of you on the list over the last week... I wonder if you will be able to answer the cause of another rather long standing issue I've had for a long while.

We have a couple of Linux hosts using winbind for authentication, and AD groups for access to various privileges... but for some reason or another... possible firewalls blocking some of the communication... when users groups are updated, they are not reflected on the Linux box, sometimes for days, or even weeks.

We've never been able to explain it, and I've never asked for advice before since I always put it down to an /ancient/ version of samba/winbind.

I have however, now upgraded that version of Samba to 4.6.6, and since the problem is still evident, I figure it's a perfect chance to ask.... 

Also, I guess it would be useful to know how to correctly flush whatever caches samba/winbind is holding.

A. James Lewis (james@xxxxxxxxxx (mailto:james@xxxxxxxxxx))
"Engineering does not require science. Science helps a lot but people
built perfectly good brick walls long before they knew why cement works."
