[Samba] getent not listing domain accounts
Andre Freire
andre.freire at hotfixtecnologia.com.br
Sun Jan 31 20:54:01 UTC 2016
Hi,
If your system is Debian use:
ln -s /usr/local/samba/lib/libnss_winbind.so /lib/x86_64-linux-gnu/
ln -s /lib/x86_64-linux-gnu/libnss_winbind.so
/lib/x86_64-linux-gnu/libnss_winbind.so.2
And "getent passwd" will show the domain users. Maybe you need restart de
server.
Att,
Este e-mail foi enviado por um computador sem vírus e protegido pelo Avast.
www.avast.com
<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
<#DDB4FAA8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
André Freire
Sócio Diretor
E-mail: andre.freire at hotfixtecnologia.com.br
skype: andrefreire.hf
Tel: (71)9381-7372
2016-01-31 7:03 GMT-02:00 Rowland penny <rpenny at samba.org>:
> On 31/01/16 02:07, Henry McLaughlin wrote:
>
>> On 31 January 2016 at 08:32, Rowland penny <rpenny at samba.org> wrote:
>>
>> On 30/01/16 21:01, Henry McLaughlin wrote:
>>>
>>> On 30 January 2016 at 23:16, Rowland penny <rpenny at samba.org> wrote:
>>>>
>>>>
>>>> Thanks Rowland (once again)
>>>>
>>>> with the usermapping in the smb.conf file and it's associated file
>>>> there
>>>> are still no domain accounts returned from getent (user or group)
>>>>
>>>> The root usermapping has nothing to do with getent, but you need it on
>>> domain member to change file & directory ACLs from a windows machine.
>>>
>>>
>>> Regarding UIDs & GIDs I understood the advantage of using RID what that
>>>> there were no UIDs or GIDs required as they are calculated on the run
>>>> based
>>>> upon SID. Accordingly do I still need to add them as I am using RID ?
>>>>
>>>> No, I was in rush to go somewhere and missed the word 'rid', sorry :-)
>>> But getent still won't show anything for the users you posted i.e.
>>> Administrator, krbtgt and guest, they come under the heading of builtin
>>> users and will be mapped to numbers from the range '2000-9999' and as
>>> such
>>> will not be shown by getent.
>>>
>>> Try adding a new domain user, this user should get a RID of 1000 or
>>> above,
>>> the idmap_rid backend should calculate the users UID from 'ID = RID -
>>> BASE_RID + LOW_RANGE_ID', so if his RID is 1000, this becomes:
>>>
>>> ID = 1000 - 0 + 10000
>>> ID = 11000
>>> This is what 'getent passwd domainuser' should return, there is however
>>> another gotcha, the later versions (I forget at which version it started
>>> from) of Samba do not return any domain users if you just run 'getent
>>> passwd', you must ask for the user by name i.e. 'getent passwd
>>> domainuser'
>>>
>>> Rowland
>>>
>>>
>>> --
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions: https://lists.samba.org/mailman/options/samba
>>>
>>> Still no success:
>>
>> root at aphrodite:~# wbinfo -u
>> henry
>> administrator
>> krbtgt
>> guest
>> root at aphrodite:~# getent passwd henry
>> root at aphrodite:~# id henry
>> id: henry: no such user
>> root at aphrodite:~#
>>
>
> What OS are you using and what version of Samba ?
>
> This should work for 'henry', so it may be that PAM isn't setup correctly.
>
>
> Rowland
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list