The documentation says that running winbindd with '-n' will 'Disable caching' but this does not apply to the idmap cache.
Created attachment 3984 [details] patch Is the attached (untested) patch what you have in mind? If yes, I'd check it in.
That looks perfect and is exactly what I was thinking of. I'll note that it took me a minute to realize that opt_nocache is true if '-n' is set as a command line argument, and thus winbindd_use_cache() and winbindd_use_idmap_cache() would return false due to !opt_nocache.
Exactly that also confused me. That's why I introduced the (as I believe) more descriptive routines. Did you actually test that code? Just checking... Volker
I did not at the time, but I have now. Applied patch against 3.3.1 release and built from source. ./configure --with-ads --with-winbind --with-shared-modules=idmap_ad linked /usr/lib/samba/lib/smb.conf to existing /etc/samba/smb.conf Joined to domain Ran 'winbindd -i -d10', ran 'wbinfo --uid-info UID' a couple times, checked the log and saw the 'Returning valid cache entry' log. Ran 'winbindd -i -d10 -n' and ran wbinfo again, no cache in the log and saw the search against ldap. Works as expected now with patch.
Thanks for testing. Pushed. Volker