Winbind returns invalid group information from the winbind cache instead of the netsamlogon cache. +---------------+ +---------------+ | LEVEL1 | <---- two way trust ----> | LEVEL2 | +---------------+ +---------------+ ^ | joined to | =========== WINBIND =========== ^ | logs in | LEVEL2+alice1 (member of LEVEL1+bobgroupdl1 (Domain Local), LEVEL2+alicegroupgl1 (Global)) Above is the example which groups should be listed for the user alice1 of the trusted domain, but we return Domain Local groups from LEVEL2 cause of invalid cached information.
Created attachment 10839 [details] patch for 4.2
Created attachment 10840 [details] patch for 4.1
Karolin, please add the patches to the relevant branches. Thanks!!
Pushed to autobuild-v4-[1|2]-test.
(In reply to Karolin Seeger from comment #4) Pushed to both branches. Closing out bug report. Thanks!