[Samba] Why doesn't getent passwd work for me?

Jason Kusar jkusar at swordofthespirit.org
Sun Aug 19 23:16:16 GMT 2007


----- samba at piven.org wrote:
> Joseph Slone wrote:
> > I've attached a samba 3 (3.023c-2.el5.2.0.2) server to my windows
> 2003
> > domain.  The domain's functional level is Windows 2000 Native.
> > The server is running Centos 5.   This configuration worked before I
> rebuild
> > the server from Fedora Core 4 what ever version of samba it had.
> > [snip]
> > 
> > wbinfo -u and wbinfo -g returns the user and group list I expected.
> > 
> > wbinfo --authenticate=name%password  returns
> > 
> > plaintext password authentication succeeded
> > challenge/response password authentication succeeded
> > 
> > This concerns me, shouldn't the password be encrypted?
> > 
> > getent passwd name  returns nothing.   getent passwd  returns a list
> of
> > local accounts.
> 
> What does your /etc/nsswitch.conf look like?  You need to have the 
> winbind service specified for passwd and group lookups in order for 
> getent and friends to check winbind as well as the local files.
> 
> In /etc/nsswitch.conf, you should see lines looking like
> 
> passwd: files winbind
> group:	files winbind

I actually just had the same problem with CentOS5 recently.  If you already have nsswitch configured properly as above, check that libnss_winbind.so is in the proper place.  The instructions I found said to put it in /usr/lib64/nss and create a symlink to it called libnss_winbind.so.2.  However, I experienced the same problems as you, but I found that if I symlinked both files to /usr/lib64, the problem went away.  Meaning that I have the following four entries (3 of which are symlinks):

/usr/lib64/libnss_winbind.so
/usr/lib64/libnss_winbind.so.2
/usr/lib64/nss/libnss_winbind.so
/usr/lib64/nss/libnss_winbind.so.2

Of course, if you're using 32-bit Centos, the path will be /usr/lib instead of /usr/lib64.  Hope this helps!

--Jason


More information about the samba mailing list