1 files changed, 8 insertions, 0 deletions

diff --git a/source3/nsswitch/winbindd_pam.c b/source3/nsswitch/winbindd_pam.c
index 3571142c58..d398e41468 100644
--- a/source3/nsswitch/winbindd_pam.c
+++ b/source3/nsswitch/winbindd_pam.c
@@ -382,6 +382,9 @@ enum winbindd_result winbindd_dual_pam_auth(struct winbindd_domain *domain,
 	} while ( (attempts < 2) && retry );
 
 	if (NT_STATUS_IS_OK(result)) {
+		netsamlogon_cache_store(state->mem_ctx, name_user, &info3);
+		wcache_invalidate_samlogon(find_domain_from_name(name_domain), &info3);
+
 		/* Check if the user is in the right group */
 
 		if (!NT_STATUS_IS_OK(result = check_info3_in_group(state->mem_ctx, &info3,
@@ -664,6 +667,11 @@ enum winbindd_result winbindd_dual_pam_auth_crap(struct winbindd_domain *domain,
 	} while ( (attempts < 2) && retry );
 
 	if (NT_STATUS_IS_OK(result)) {
+		netsamlogon_cache_store(state->mem_ctx, name_user, &info3);
+		wcache_invalidate_samlogon(find_domain_from_name(name_domain), &info3);
+
+		/* Check if the user is in the right group */
+
 		if (!NT_STATUS_IS_OK(result = check_info3_in_group(state->mem_ctx, &info3,
 							state->request.data.auth_crap.require_membership_of_sid))) {
 			DEBUG(3, ("User %s is not in the required group (%s), so plaintext authentication is rejected\n",