I'm in a Samba/AD mixed environment with linux and Windows client. windows clearly behave correctly. I've tried to join an Ubuntu 22.04 laptop to the domain, clearly enabling offline cache in winlogon. The laptop works flawlessy until i keep connected to the network; if i disconnect it, nss/winbind stop to work at all (eg, an 'id gaio' that connected return my IDs, disconnected return 'user unknown'. After fiddling a bit with 'samba' users list, seems that if i set: idmap config lnffvg : unix_nss_info = no idmap config lnffvg : unix_primary_group = no then after disconnection i have some minutes where i can still logon (so, cached credential works for some minutes) but after that laptop became completely useless: - i cannot recover from lock screen - i cannot enable wireless anymore - i cannot reboot/power off - if i connect an ethernet cable, i've to wait 5-15 minutes to have winbind recover and so logon. Note that the same laptop was running Ubuntu 16.04, and with the same smb.conf file (minus of course needed change for samba version) worked as expected, eg offline logon worked. So seems also a regression to me... Thanks.
Forgot to say: i'm using rfc2307 IDMap. I've switched to RID IDMap, and all works as expected. So, seems that 'offline logon' winbind feature does not work with rfc2307.
Sorry, forgot to say. The laptop i'm using for tests was previously installed with another Ubuntu version (16.04); because Ubuntu was too much old, i've simply reinstalled it instead of doing multiple upgrade. The smb.conf was roughly the same, and the domain is exactly the same; but in Ubuntu 16.04 (samba version 2:4.3.11+dfsg-0ubuntu0.16.04.34) offline logon works perfectly also with RFC2307: it was used all the COVID/lockdown years (2020/2021) with VPN connection, so doing initial logon offline and then activating VPN. Thanks.