[Samba] nss_winbind / offline logon

Steve Rippl rippls at woodlandschools.org
Fri Oct 16 09:03:22 MDT 2009

On Fri, 2009-10-16 at 14:37 +0300, Petteri Heinonen wrote:
> Hello list users,
> I have been struggling to make my AD integrated Debian Lenny box to work fluently also when network connectivity is down. What I would like to achieve:
> 1) When no network available, local user should still work normally
> 2) If possible, AD located users should still be able to login if they have previously logged in successfully (cached login)
> Number 2 is more like optional, but number 1 would be very much needed. However, it seems that winbind somehow blocks login process for local accounts too if it is not able to get network connection to AD during system boot. These are the relevant lines in my nsswitch.conf:
> passwd:         files winbind
> group:          files winbind
> shadow:         files

I think this does what you want allowing local account to still

passwd:         compat [!NOTFOUND=return] winbind
group:          compat winbind
shadow:         compat

More information about the samba mailing list