When the identity mapping service provides a name mapping, it stores the mapping in the cache for 10 minutes, at which point the mapping expires. Within its 10-minute life, a mapping is persistent across restarts of the identity mapping service. Changes to the mappings or to the name service directories do not affect existing connections within the 10-minute life of a mapping. The service evaluates mappings only when the client tries to connect to a share and there is no unexpired mapping. For example, if the SMB server requests a mapping for the user after the mapping has expired, the service re-evaluates the mapping.
If no name-based mapping rule applies for a particular user, that user will be given temporary credentials through an ephemeral mapping unless the user is blocked by another mapping. When a Windows user with an ephemeral UNIX name creates a file on the system, Windows clients accessing the file using SMB see that the file is owned by that Windows identity. However, NFS clients see that the file is owned by "nobody".