We run Samba (4.3.5) on CentOS 7x64 as an AD domain controller, and we have another CentOS 6x64 server that has been joined to the domain which provides a Samba (also 4.3.5) share to our AD users. Fairly frequently (nearly every day), and with no clear reason I can ascertain, a random business user will complain: "I cannot access the shared drive" On investigation I reliably find that, on the Linux server hosting the share, the following is the case: # wbinfo -g allowed rodc password replication group enterprise read-only domain controllers denied rodc password replication group read-only domain controllers group policy creator owners ras and ias servers domain controllers enterprise admins domain computers cert publishers dnsupdateproxy domain admins domain guests schema admins osdevelopment domain users osdirector ossecurity dnsadmins osfinance oslegal osvpn # id problemusername uid=10010 gid=10001(osdirector) groups=4294967295,10001(osdirector),10013(domain admins),10000(osdevelopment),10004(ossecurity),10005(osvpn),10014(domain users),2000(BUILTIN\administrators),2001(BUILTIN\users) The groups obviously vary depending on problemusername, but in every case the first group in the list shows up as a non-existant group id of 4294967295 To correct the problem is simple, on the server hosting the share I simply type: # net cache flush Immediately re-running # id problemusername uid=10010 gid=10001(osdirector) groups=10001(osdirector),10013(domain admins),10000(osdevelopment),10004(ossecurity),10005(osvpn),10014(domain users),2000(BUILTIN\administrators),2001(BUILTIN\users) ie, the identically list BUT WITHOUT the 4294967295 group, and hey presto problemusernameis again able to access the shared drive. And so all is fine ....until another random user contacts me and says "I cannot access the shared drive" Just for interest 4294967295 is not a random number as searching returns the following wikipedia entry https://en.wikipedia.org/wiki/4294967295
While I'm not sure what the cause was, I can note that we ehanced our internet connection and the problem has not been seen since.