[Samba] Re: winbind v3.0.26a w. nss info = sfu;
wbinfo fine, getent not
Jonathan Detert
Jonathan.Detert at msoe.edu
Wed Apr 23 19:30:08 GMT 2008
wbinfo can turn names into sids, sids into names, and sids into uids.
However, getent passwd only finds users in the local /etc/passwd file.
Same for getent group. /etc/nsswitch.conf says this:
passwd: files winbind
group: files winbind
shadow: compat
I strace'd the getent command. It said it couldn't find /lib/libnss_winbind.so.2,
so I made that a symlink to /usr/local/samba/lib/nss_info/sfu.so. After that,
the strace output showed it finding and reading the file. However, the command
ended abruptly shortly after that, and I can't tell why. The samba logs don't
seem to show anything at all on behalf of the getent command.
Any ideas? Thanks
winbind was compiled like so:
./configure --with-ads --with-krb5 --with-pam --with-winbind --enable-rfc2307bis --enable-schema-mapping --with-shared-modules=idmap_ad,idmap_rid,rfc2307
smb.conf like so:
security = ADS
workgroup = MYDOMAIN
realm = mydomain.tld
idmap domains = MYDOMAIN
idmap config MYDOMAIN:backend = ad
idmap config MYDOMAIN:default = yes
idmap config MYDOMAIN:schema_mode = sfu
idmap config MYDOMAIN:range = 500-45000
idmap alloc backend = tdb
idmap alloc config:range = 45001-60000
winbind cache time = 0
winbind enum groups = yes
winbind enum users = yes
winbind nested groups = yes
winbind nss info = sfu
winbind separator = +
winbind use default domain = yes
--
Jon Detert
IT Systems Administrator, Milwaukee School of Engineering
1025 N. Broadway, Milwaukee, Wisconsin 53202, U.S.A.
--
Science without religion is lame, religion without science is blind.
~ Albert Einstein
More information about the samba
mailing list