[Samba] Can't get "getent passwd" to display winbind users

John H Terpstra jht at samba.org
Tue Jan 13 17:19:57 GMT 2004 

On Tue, 13 Jan 2004, Arnst, Rainer wrote:

> Hi,
>
> I am running Samba 3.0.1 on a Debian/Sid machine. I have installed
> winbind to access the AD of the local network, which I want to use for
> UNIX logons.
>
> wbinfo -u shows all the users of the AD, but "getent passwd" only shows
> the contents of the file /etc/passwd.
>
> I have been following the instruction for winbind (Chapter 21) in the
> Samba-HOWTO-Collection.
>
> Any comments would be greatly appreciated.

You just triggered my memory!

You must make certain that there are no accounts in AD backend that have
the same name as you already have in /etc/passwd and that differ in UID.
If you have this winbind will do exactly what you have reported.

I hit this wall recently. :(

- John T.

>
> Regards,
> Rainer
>
>
> Here's some data about my configuration.
>
> PCA-ARNSTR:/lib# ls /lib/*winbind* -l
> -rw-r--r--    1 root     root        15024 Dec 31 06:06
> /lib/libnss_winbind.so.2
>
>
> Here is my /etc/nsswitch.conf
> --------------------------------------
> # /etc/nsswitch.conf
> passwd:         files winbind compat
> group:          files winbind compat
> shadow:         files compat
> hosts:          files dns
> networks:       files
> protocols:      db files
> services:       db files
> ethers:         db files
> rpc:            db files
> netgroup:       nis
>
> And my smb.conf:
> # Sample configuration file for the Samba suite for Debian GNU/Linux.
> [global]
>
> ## Browsing/Identification ###
>    workgroup = NTDOM
>    server string = %h server (Linux/Samba %v)
>    netbios name = PCA-ARNSTR
>    wins server = svr_gamma
>    dns proxy = no
>
> #### Debugging/Accounting ####
>    log file = /var/log/samba/log.%m
>    max log size = 1000
>    syslog = 0
>    panic action = /usr/share/samba/panic-action %d
>
> ####### Authentication #######
>    security = ADS
>    realm = "EE-CONSULTANTS.DE"
>    encrypt passwords = yes
>    passdb backend = tdbsam guest
>    passwd program = /usr/bin/passwd %u
>    passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
> *Retype\snew\sUNIX\spassword:* %n\n .
>    password server = svr_gamma.ee-consultants.de
>    obey pam restrictions = no
> #  guest account = nobody
>    invalid users = root
>    client use spnego = yes
>    idmap uid = 10000-20000
>    idmap gid = 10000-20000
>    winbind enum users = yes
>    winbind enum groups = yes
>    template shell = /bin/bash
>    winbind separator = +
>    passwd program = /usr/bin/passwd %u
>    passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
> *Retype\snew\sUNIX\spassword:* %n\n .
>    printing = cups
>    printcap name = cups
>
>    socket options = TCP_NODELAY
>
>
>

-- 
John H Terpstra
Email: jht at samba.org

More information about the samba mailing list