[Samba] Why doesn't getent passwd work for me?
Jason Kusar
jkusar at swordofthespirit.org
Sun Aug 19 23:16:16 GMT 2007
----- samba at piven.org wrote:
> Joseph Slone wrote:
> > I've attached a samba 3 (3.023c-2.el5.2.0.2) server to my windows
> 2003
> > domain. The domain's functional level is Windows 2000 Native.
> > The server is running Centos 5. This configuration worked before I
> rebuild
> > the server from Fedora Core 4 what ever version of samba it had.
> > [snip]
> >
> > wbinfo -u and wbinfo -g returns the user and group list I expected.
> >
> > wbinfo --authenticate=name%password returns
> >
> > plaintext password authentication succeeded
> > challenge/response password authentication succeeded
> >
> > This concerns me, shouldn't the password be encrypted?
> >
> > getent passwd name returns nothing. getent passwd returns a list
> of
> > local accounts.
>
> What does your /etc/nsswitch.conf look like? You need to have the
> winbind service specified for passwd and group lookups in order for
> getent and friends to check winbind as well as the local files.
>
> In /etc/nsswitch.conf, you should see lines looking like
>
> passwd: files winbind
> group: files winbind
I actually just had the same problem with CentOS5 recently. If you already have nsswitch configured properly as above, check that libnss_winbind.so is in the proper place. The instructions I found said to put it in /usr/lib64/nss and create a symlink to it called libnss_winbind.so.2. However, I experienced the same problems as you, but I found that if I symlinked both files to /usr/lib64, the problem went away. Meaning that I have the following four entries (3 of which are symlinks):
/usr/lib64/libnss_winbind.so
/usr/lib64/libnss_winbind.so.2
/usr/lib64/nss/libnss_winbind.so
/usr/lib64/nss/libnss_winbind.so.2
Of course, if you're using 32-bit Centos, the path will be /usr/lib instead of /usr/lib64. Hope this helps!
--Jason
More information about the samba
mailing list