[Samba] samba-3.0.20rc1 winbind Windows 2003 SP1 ADS wbinfo all fine, but getent passsd or group does not work...

Mike Rose mr349 at cam.ac.uk
Mon Aug 1 12:01:25 GMT 2005 

Hi,

I've joined a Suse 9.1 Pro linux computer to a Windows 2003 SP1 ADS using:
# kinit Administrator at DOMAIN
# net ads join

The computer account is created on the DC and wbinfo (-t -u -g) all
work. Then I try getent passwd or getent group and nothing.


This is with:

#grep winbind /etc/nsswitch.conf
passwd:     compat winbind
group:      compat winbind

# ps -ef | grep -E 'winbind|nmbd'
root      3169     1  0 Jul29 ?        00:00:02 nmbd
root      3171     1  0 Jul29 ?        00:00:01 winbindd -d 5
root      3172  3171  0 Jul29 ?        00:00:00 winbindd -d 5
root      3173  3171  0 Jul29 ?        00:00:01 winbindd -d 5

# cat /usr/local/samba/lib/smb.conf
[global]
# separate domain and username with '\', like DOMAIN\username
winbind separator = +
# use uids from 10000 to 20000 for domain users
 idmap uid = 10000-20000
# use gids from 10000 to 20000 for domain groups
 idmap gid = 10000-20000
# allow enumeration of winbind users and groups
winbind enum users = yes
winbind enum groups = yes
# give winbind users a real shell (only needed if they have telnet access)
template homedir = /home/%U
template shell = /bin/bash
winbind cache time = 600
winbind trusted domains only = yes

workgroup = SHORTDOMAIN

# to remove domain from username
# winbind use default domain = yes
obey pam restrictions = Yes

realm = DOMAIN
security = ADS
encrypt passwords = yes
password server = SERVER.DOMAIN

# Example share definition

[public]
comment = Public data directory
read only = no
path = /sambapublic
user = @"DOMAIN+domain users"


an strace of getent passwd shows getent looking at /lib/libnss_winbind.so

samba is configured like so:
./configure --prefix=/usr/local/samba/ --with-ldap --with-ads --with-krb5
--with-pam --with-winbind


I have submitted this as a bug against the latest 3.0.20 release candidate
just in case this is not my fault:
https://bugzilla.samba.org/show_bug.cgi?id=2929


Has anyone else managed to get this working, please?



Mike.

More information about the samba mailing list