[Samba] winbind nss info = rfc2307 doesn't work when users not in "Users" Container?

Christoph Peus cp at uni-wh.de
Tue Oct 23 20:53:18 GMT 2007

Hi all,

we have been using a samba setup with samba being an AD member, idmap 
backend = ad and winbind nss info = rfc2307 for several month without 
problems yet.
But it turns out now that we cannot move useraccounts in AD from the
original location
to a newly created OU
because winbind doesn't get correct values for homedir and shell anymore:

before: (correct output)
lunkwill samba # getent passwd test

after: (wrong output)
lunkwill samba # getent passwd test

This is perfectly reproducible by moving accounts from the Users 
container to the OU and back again. I can't believe that this is by 
Any idea?

Our config:
samba 3.0.24

security = ADS
password server = *
ldap ssl = no
idmap uid = 1000-60000
idmap gid = 1000-60000
idmap backend = ad
winbind nss info = rfc2307
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
winbind cache time = 300

Thanks for your help!


More information about the samba mailing list