[Samba] getent acting unreliable with idmap_ad

Fri Jul 30 09:45:00 MDT 2010

Hello,

I personally solved my stability issues when, rather than letting Samba find automatically the AD servers, I stated them clearly : 

- I stated clearly my "password server =" in smb.conf
- I stated clearly my /etc/krb5.conf

I am running on CentOS 5.5, samba 3.0.33.

Apart from that : I have installed SFU on my Windows 2003 AD servers; to me, it seems that getent passwd <username> yields a result
for the accounts which have an Unix account declared in AD through the "Unix attributes", and only for these ones (?).

Regards

---
Robert GRASSO – System engineer

CEDRAT S.A.
15 Chemin de Malacher - Inovallée - 38246 MEYLAN cedex - FRANCE 
Phone: +33 (0)4 76 90 50 45 - Fax: +33 (0)4 56 38 08 30
mailto:robert.grasso at cedrat.com - http://www.cedrat.com  

> -----Message d'origine-----
> De : samba-bounces at lists.samba.org 
> [mailto:samba-bounces at lists.samba.org] De la part de Nico De Ranter
> Envoyé : 30 juillet 2010 13:44
> À : samba at lists.samba.org
> Objet : [Samba] getent acting unreliable with idmap_ad
> 
> 
> I'm trying to get my linux boxes to authenticate to AD using 
> winbind. I
> need to get my uid's from AD so I'm using idmap_ad.
> 
> I got to the point where 'getent passwd' shows me the list of 
> unix users
> from AD with all correct details, however when I do  'getent passwd
> <username>' for any username from the list returned by 
> 'getent passwd' I
> get an empty reply (getent returns error code 2) and I can't 
> login using
> those users.
> 
> As a matter of fact on one of my testmachines it works sometimes.
> 'getent passwd nico' will return my user details and I can logon
> properly but when the system has been quiet for some time it seems to
> forget about the account again.
> 
> Anybody seen this before? Any suggestions on how to debug this?
> 
> I'm trying this on Ubuntu 9.10 and 10.04.
> 
> Thanks in advance,
> 
> Nico
> 
> 
> 
> -- 
> With kind regards
> 
> Nico De Ranter
> Senior System Administrator
> Techsoft Centre
> 
> Technology and Software Centre Europe
> The Corporate Village - Da Vincilaan 7-D1 - B-1935 Zaventem - Belgium
> 
> Phone:    +32 (0)2 700 8641
> Fax:          +32 (0)2 700 8622
> E-mail:    nico.deranter at eu.sony.com
> 
> A division of Sony Europe (Belgium) N.V.
> VAT BE 0413.825.160 - RPR Brussels
> Fortis - BIC GEBABEBB - IBAN BE41293037680010
> 
> 
> 
> **************************************************************
> **********
> The information contained in this message or any of its 
> attachments may be confidential and is intended for the 
> exclusive use of the addressee(s).  Any disclosure, 
> reproduction, distribution or other dissemination or use of 
> this communication is strictly prohibited without the express 
> permission of the sender.  The views expressed in this email 
> are those of the individual and not necessarily those of Sony 
> or Sony affiliated companies.  Sony email is for business use only.
> 
> This email and any response may be monitored by Sony to be in 
> compliance with Sony's global policies and standards
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
> 