[Samba] winbind v3.0.26a w. nss info = sfu; wbinfo fine, getent not

Jonathan Detert detert at msoe.edu
Wed Apr 23 18:51:41 GMT 2008

wbinfo can turn names into sids, sids into names, and sids into uids.
However, getent passwd only finds users in the local /etc/passwd file.
Same for getent group.  /etc/nsswitch.conf says this:

passwd:         files winbind
group:          files winbind
shadow:         compat

I strace'd the getent command.  It said it couldn't find /lib/libnss_winbind.so.2,
so I made that a symlink to /usr/local/samba/lib/nss_info/sfu.so.  After that,
the strace output showed it finding and reading the file.  However, the command
ended abruptly shortly after that, and I can't tell why.  The samba logs don't
seem to show anything at all on behalf of the getent command.

Any ideas?  Thanks

winbind was compiled like so:

	./configure --with-ads --with-krb5 --with-pam --with-winbind --enable-rfc2307bis --enable-schema-mapping --with-shared-modules=idmap_ad,idmap_rid,rfc2307

smb.conf like so:

	security = ADS
	workgroup = MYDOMAIN
	realm = mydomain.tld

	idmap domains = MYDOMAIN
	idmap config MYDOMAIN:backend = ad
	idmap config MYDOMAIN:default = yes
	idmap config MYDOMAIN:schema_mode = sfu
	idmap config MYDOMAIN:range    = 500-45000
	idmap alloc backend = tdb
	idmap alloc config:range   = 45001-60000

	winbind cache time = 0
	winbind enum groups = yes
	winbind enum users = yes
	winbind nested groups = yes
	winbind nss info = sfu
	winbind separator = +
	winbind use default domain = yes
Jon Detert
IT Systems Administrator, Milwaukee School of Engineering
1025 N. Broadway, Milwaukee, Wisconsin 53202, U.S.A.
Bad beer is like bad art.  If you endure enough of it, eventually you forget
the alternatives.

More information about the samba mailing list