On 23/06/2009 11:00, JohnS wrote: > On Tue, 2009-06-23 at 10:46 +0100, Kevin Thorpe wrote: > >> On 23/06/2009 10:39, Brett Serkez wrote: >> >>> On Tue, Jun 23, 2009 at 5:25 AM, Kevin Thorpe<kevin at pibenchmark.com> wrote: >>> >>> >>> >>>> Yet I can still connect to the shares as kevin..... strange >>>> >>>> >>> As root try: >>> >>> # service smb reload >>> >> Curiouser and curiouser. That worked, I can't connect now. Why should >> Samba cache the password file? >> Seems a bit of a security problem to me. >> > --- > The samba Caching directory is in /var/cache/samba . Why should it Cache > it? For quicker access. That is the way it is designed and I know of no > security flaw in that. Just executing service smb reload will not > disconnect a user. But using "restart" will dump all the users. Oh, I didn't spot the distinction between 'reload' and 'restart'. Personally I would have forced that after a password change, or at the very least after deleting a user because otherwise they seem to still be able to get in.