Network and Storage Protocols

Clear CIFS/AD (Group Member - GID) Cache on Netapp 8.3.2

Serge_Hoedts
5,351 Views

Hi,

 

I have been searching for a solution to my little issue without success. Maybe someone here knows the solution.

 

Question:

I would like to know if there is a way to flush/clear the cache of the group membership (GID) when changing the Primary Group in AD?

 

 

Test:

- Changing the Primary group in AD

- Wait ~1min

- FILER::> diag secd authentication show-creds -node FILER-01 -vserver CIFSSRV01 -unix-user-name user1

 

GID: user1 <= Should be project gid 
Supplementary GIDs:
user1 <= Should be project gid

 

Tried:

diag secd cache clear -node FILER-01 -vserver CIFSSRV01 -cache-name ldap-groupname-to-id
diag secd cache clear -node FILER-01 -vserver CIFSSRV01 -cache-name ldap-userid-to-creds
diag secd cache clear -node FILER-01 -vserver CIFSSRV01 -cache-name ldap-userid-to-name
diag secd cache clear -node FILER-01 -vserver CIFSSRV01 -cache-name ldap-username-to-creds
diag secd cache clear -node FILER-01 -vserver CIFSSRV01 -cache-name name-to-sid
diag secd cache clear -node FILER-01 -vserver CIFSSRV01 -cache-name sid-to-name

 

Works:

The only solution that seems to work is to run vserver cifs stop / start

 

System in running 8.3.2

 

Regards,

Pierre

1 REPLY 1

Sahana
5,297 Views

Hi,

 

Could you please try

Clear the caches username-to-info, userid-to-name and nis-group-membership on all the nodes :
::*> diag secd cache clear -node  <node1> -vserver <svm> -cache-name username-to-info
::*> diag secd cache clear -node  <node1> -vserver <svm> -cache-name userid-to-name
::*> diag secd cache clear -node  <node1> -vserver <svm> -cache-name nis-group-membership

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.
Public