[Samba] Re: default kerberos realm??

Howard Wilkinson howard at cohtech.com
Wed Oct 17 16:39:28 GMT 2007

Frank Van Damme wrote:
> On 10/17/07, Frank Van Damme <frank.vandamme at gmail.com> wrote:
>> Everything seems to work now, I could join the domain, I can create
>> files and chown them to windows users (like DOMAIN+jsixpack). And
>> while drafting this message, I finally got the login-to-the-linux-box
>> working :-)
> Oh yes, one thing that, oddly, does not work yet is:
> # getent passwd
> returns only local users. I can do
> # getent passwd DOMAIN+jsixpack
> DOMAIN+jsixpack:*:10002:10002:Joe Sixpack:/home/DOMAIN/jsixpack:/bin/bash
> though. Has that something to do with AD not allowing to do a query on
> all users in the directory or something?
This is an artefact of the use of NSCD. The call to "getent passwd" runs 
using the users kerberos credentials, the call to "getent passwd <user>" 
runs using the NSCD credentials - which are usually the system ones.

So the simple thing to do is to kinit before you make the call.


Howard Wilkinson





Coherent Technology Limited





23 Northampton Square,





United Kingdom, EC1V 0HL




howard at cohtech.com


More information about the samba mailing list