This is one that took me a while to figure out. By default, the newer versions of samba tell winbind not to enumerate users or groups, because this could cause a performance drop for large (10000+ users I believe) networks. The way to fix this is to set these two options in smb.conf:
winbind enum users = yes
winbind enum groups = yes
Hope that helps some.> Date: Wed, 17 Oct 2007 11:03:13 -0600> From: sgt.hulka at gmail.com> To: samba at lists.samba.org> Subject: [Samba] getent passwd not listing domain users, nsswitch.conf is configured> > Using Samba 3.0.25c on OpenSolaris nv72.> > wbinfo -u lists domain users as expected.> getent passwd only lists local users.> nsswitch.conf has the following lines:> passwd: files winbind> group: files winbind> > My smb.conf is below. Where should I start to troubleshoot?> > [global]> realm = FNB.LOCAL> workgroup = FNB> security = ADS> use kerberos keytab = true> ; password server = my-server.fnb.local> encrypt passwords = yes> server string = Samba ADS> client use spnego = yes> > # winbind configuration:> winbind use default domain = yes> winbind nested groups = yes> idmap backend = ad> winbind nss info = rfc2307> winbind separator = /> winbind enum users = yes> winbind enum groups = yes> # idmap uid = 10000-20000> # idmap gid = 10000-20000> ; template homedir = /samba/pchome/%D/%U> > # idmap domains = FNB> # idmap config FNB:default = yes> # idmap config FNB:backend = tdb> # idmap config FNB:range = 10000-20000> # this tells Samba to use a separate log file for each machine> # that connects> log file = /var/samba/log/log.%m> log level = 10> # Put a capping on the size of the log files (in Kb).> max log size = 1024> > # Most people will find that this option gives better performance.> # See the chapter 'Samba performance issues' in the Samba HOWTO Collection> # and the manual pages for details.> ; socket options = TCP_NODELAY> -- > To unsubscribe from this list go to the following URL and read the> instructions: https://lists.samba.org/mailman/listinfo/samba
