[Samba] Re: default kerberos realm??
Howard Wilkinson
howard at cohtech.com
Wed Oct 17 16:39:28 GMT 2007
Frank Van Damme wrote:
> On 10/17/07, Frank Van Damme <frank.vandamme at gmail.com> wrote:
>
>> Everything seems to work now, I could join the domain, I can create
>> files and chown them to windows users (like DOMAIN+jsixpack). And
>> while drafting this message, I finally got the login-to-the-linux-box
>> working :-)
>>
>
> Oh yes, one thing that, oddly, does not work yet is:
>
> # getent passwd
>
> returns only local users. I can do
>
> # getent passwd DOMAIN+jsixpack
> DOMAIN+jsixpack:*:10002:10002:Joe Sixpack:/home/DOMAIN/jsixpack:/bin/bash
>
> though. Has that something to do with AD not allowing to do a query on
> all users in the directory or something?
>
>
>
This is an artefact of the use of NSCD. The call to "getent passwd" runs
using the users kerberos credentials, the call to "getent passwd <user>"
runs using the NSCD credentials - which are usually the system ones.
So the simple thing to do is to kinit before you make the call.
--
Howard Wilkinson
Phone:
+44(20)76907075
Coherent Technology Limited
Fax:
23 Northampton Square,
Mobile:
+44(7980)639379
United Kingdom, EC1V 0HL
Email:
howard at cohtech.com
More information about the samba
mailing list