[Samba] winbind can get uid and gid from sfu,
but not homedir or loginshell
Jonathan.Detert at msoe.edu
Thu Apr 17 17:12:56 GMT 2008
I have winbind v3.0.26a running on ubuntu server v7.10 (gutsy).
I intend to get user & group info from MsActiveDirectory.
However, when I type:
getent passwd somerandomuser
I get the uid and gid for the user, as recorded in the msad schema by
virtue of sfu, but the homedir and loginshell that are returned are like
what "winbind nss info = template" would return by default:
Even though the msad attributes msSFU30HomeDirectory and msSFU30LoginShell are
set, and differ from those defaults.
Any idea why this is?
With debugging set to 7, the log.wb-MYDOMAIN file has this:
[2008/04/17 11:58:48, 3] lib/module.c:do_smb_load_module(49)
Error loading module '/usr/lib/samba/nss_info/sfu.so': /usr/lib/samba/nss_info/sfu.so: cannot open shared object file: No such file or directory
[2008/04/17 11:58:48, 3] nsswitch/nss_info.c:nss_init(209)
nss_init: no nss backends configured. Defaulting to "template".
[2008/04/17 11:58:48, 4] nsswitch/nss_info.c:nss_get_info(268)
nss_get_info: Failed to find nss domain pointer for MSOE
This would seem to be the problem, except how did winbind find the uid and gid that
sfu has, if no nss backend could be found?
The relevant bits of my smb.conf are below:
security = ADS
workgroup = MYDOMAIN
realm = mydomain.tld
idmap domains = MYDOMAIN
idmap config MSOE:backend = ad
idmap config MSOE:default = yes
idmap config MSOE:schema_mode = sfu
idmap config MSOE:range = 500-45000
idmap alloc backend = tdb
idmap alloc config:range = 45001-60000
winbind cache time = 0
winbind enum groups = yes
winbind enum users = yes
winbind nested groups = yes
winbind nss info = sfu
winbind separator = +
winbind use default domain = yes
IT Systems Administrator, Milwaukee School of Engineering
1025 N. Broadway, Milwaukee, Wisconsin 53202, U.S.A.
"The whole truth is generally the ally of virtue; a half-truth is always the ally of some vice."
~ G. K. Chesterton
More information about the samba