[Samba] getent group empty response

Daniel Müller mueller at tropenklinik.de
Thu Sep 18 02:36:10 MDT 2014 

If both w2008 are replicating. There should be no problem. Of course samba
elects one of the ADS to serve for group and users.
But  I think you should point: 
password server = *

EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen 
Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Internet: www.tropenklinik.de





-----Ursprüngliche Nachricht-----
Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im
Auftrag von Deniz Eren
Gesendet: Donnerstag, 18. September 2014 10:24
An: samba at lists.samba.org
Betreff: [Samba] getent group empty response

>On 18/09/14 07:56, Deniz Eren wrote:
>>* We have two domain controllers, one parent(DOMAIN.COM 
>><http://DOMAIN.COM> <http://domain.com/ <http://domain.com/>>)
*>>* and one child(CHILD.DOMAIN.COM <http://CHILD.DOMAIN.COM>
<http://child.domain.com/ <http://child.domain.com/>>). When two domain
*>>* controllers are up "getent group" returns group names correctly. But
when
*>>* child domain controller is down "getent group" returns empty. My samba
*>>* version is "3.6.22". I have added my smb.conf I couldn't find any
*>>* parameters affecting this problem. Am I missing something in smb.conf?
Or
*>>* is there a workaround to solve this problem?
*>>>>>>* smb.conf
*>>* -------------------------------
*>>* [global]
*>>*     netbios name = BUILD2
*>>*     realm = DOMAIN.COM <http://DOMAIN.COM> <http://domain.com/
<http://domain.com/>>
*>>*     workgroup = DOMAIN
*>>*     security = ads
*>>*     encrypt passwords = yes
*>>*     password server = 10.0.0.59
*>>*     log level = 1
*>>*     log file = /var/log/samba.log
*>>*     ldap ssl = no
*>>*     idmap uid = 10000-20000
*>>*     idmap gid = 10000-20000
*>>>>*     winbind separator = /
*>>*     winbind enum users = yes
*>>*     winbind enum groups = yes
*>>*     winbind use default domain = yes
*>>>>*     domain master = no
*>>*     local master = no
*>>*     preferred master = no
*>>>>*     template shell = /sbin/nologin
*>>>>*     getwd cache = yes
*>>*     winbind cache time = 3000
*>>*     ldap connection timeout = 10
*>>*     ldap timeout = 120
*>>* -------------------------------
*>>>>* This issue is like mine "
*>>* https://lists.samba.org/archive/samba/2010-June/156813.html
<https://lists.samba.org/archive/samba/2010-June/156813.html>".
*>Hi, the smb.conf you have posted seems to be for a client, Just what is
>it pointed at, an NT4 style PDC, a Samba4 AD DC or what? I think that 
>you are going to have to give us a bit more info.
>
>Rowland

It is pointed to Windows 2008r2 Server serving as AD Domain PDC whose name
is DOMAIN.COM. Also another Windows2008r2 Server exists with name
CHILD.DOMAIN.COM which is child domain of DOMAIN.COM.
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list