AD USERS lost per 2 hours

[Daniel Chen]

Windows 2003 R2 AD

Version: FreeNAS-9.3-CURRENT-201503130047

smb4.conf:

[global]
............
............
............

idmap config *: backend = tdb
idmap config *: range = 90000001-900000000
server role = member server
netbios name = NAS
workgroup = XXXXX
realm = XXXXX.COM.CN
security = ADS
client use spnego = yes
cache directory = /var/tmp/.cache/.samba
local master = no
domain master = no
preferred master = no
winbind cache time = 7200
winbind offline logon = yes
winbind enum users = yes
winbind enum groups = yes
winbind nested groups = yes
winbind use default domain = yes
winbind refresh tickets = yes
winbind nss info = rfc2307
idmap config XXXXX: backend = rid
idmap config XXXXX: range = 20000-90000000
allow trusted domains = no
client ldap sasl wrapping = sign

............
............
............

run "wbinfo -u", "wbinfo -g", "wbinfo -t" all right

By per 2 hours(winbind cache time = 7200, 7200 seconds), all AD account users will lost in UI drop-down menu, but AD groups all exsit.

then, run "/usr/local/www/freenasUI/tools/cachetool.py keys", output "w", "g key:", "dg key:", no "u key:".

How can I repaire it? Please help me, thanks!

 

[Daniel Chen]

Now I write a script then attach to the Task, run it per day. It works.
CAN HAVE MORE OTHER METHODS?

Code:

#! /bin/bash

REM because system will recover the smb4.conf, and to set the winbind cache time = 7200, so i will set to 86280
rm /usr/local/etc/smb4.conf
cp /usr/local/etc/smb4.conf.bak /usr/local/etc/smb4.conf

REM Delete cache files
rm /var/tmp/.cache/.samba/*.*
rm /var/db/samba4/winbindd_cache*
net cache flush

REM restart SAMBA
/usr/local/etc/rc.d/samba_server restart

REM Important! wait for SAMBA service restart
sleep 1

REM not necessary the follow 5 lines
wbinfo -u
wbinfo -g
wbinfo -t
getent passwd
getent group

REM refresh UI 
/usr/local/www/freenasUI/tools/cachetool.py expire
/usr/local/www/freenasUI/tools/cachetool.py fill
/usr/local/www/freenasUI/tools/cachetool.py keys