[Samba] getent and wbinfo not returning expected results?

Mike Partyka mpartyka at gmail.com
Fri Sep 16 17:27:24 GMT 2005


For some time now have been trying to connect a Samba-3.0.14a-0.4  
server running on SuSE Ent 9 linux server to our Exchange 2003  
(running on Server 2003 Std w/ SP1) server which is also the AD  
server for our domain.

I can connect to the shares using the AD as the authentication  
source, so the basic functionality is there but some command output  
does not show in the way i expect it to.

Such as the "getent passwd" command should return a listing of the  
local passwd file with the Active Directory users appended to it, but  
it only lists the local passwd file.

I can have checked the kerberos ticket to make sure it's still valid,  
here is the output:
> Credentials cache: FILE:/tmp/krb5cc_0
>         Principal: Administrator at DOMAIN.COM
>   Issued           Expires          Principal
> Sep 16 11:44:08  Sep 16 21:44:08  krbtgt/DOMAIN.COM at DOMAIN.COM

And i test the join and it is valid, here is the output:

> Join is OK

Some commands work but not the way i would expect them to, such as  
"wbinfo -u". This command comes back with a list of users from the AD  
but the domain name is not prepended as i would expect with the  
domain separator value between the domain name and the username.

"wbinfo -g" is exactly the same, it comes back with a list of AD  
groups but the domain is not prepended, what would cause this behavior?

Here is the global section of my smb.conf, maybe i am missing  
something that will be obvious to users on this list.

> [global]
>    workgroup = domain
>    netbios name = mps1intmx01
>    server string = SMB %v for domain.com
>    security = ADS
>    encrypt passwords = Yes
>    template shell = /bin/bash
>    realm = DOMAIN.COM
>    # Winbind settings
>    idmap backend = idmap_rid:DOMAIN=500-5000
>    idmap uid = 500-1000
>    idmap gid = 500-1000
>    winbind separator = /
>    winbind enum users = Yes
>    winbind enum groups = Yes
>    winbind use default domain = Yes
>    winbind nested groups = Yes
>    allow trusted domains = No
>    preferred master = No
>    local master = No
>    wins server = msp1intmx02.domain.com
>    log level = 10

More information about the samba mailing list