[Samba] wbinfo ok, but getent nothing

Jean-Yves Avenard jyavenard at gmail.com
Sat Feb 5 04:54:33 MST 2011 

Hi there.

Feel like I'm getting nowhere.

Code:

FreeBSD samba 3.6.6 ; connected to a Windows 2008 R2 AD

wbinfo -u and wbinfo -g will properly show all the users and groups ;
but for some reasons, I can get getent with winbind to show any
users...

I've must have tried over 100 different configuration, read all the
tutorials I could find ; I never got it to work :(

smb.conf:
[global]
security = ADS
workgroup = MEL
realm = mel.domain.com
wins server = ad.domain.com
password server = ad.domain.com

winbind uid = 1000 - 20000
winbind gid = 1000 - 20000
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes
winbind refresh tickets = Yes
winbind nested groups = No
#winbind separator = +

idmap uid = 1000 - 20000
idmap gid = 1000 - 20000
idmap config MEL : backend  = rid
idmap config MEL : base_rid = 1000
idmap config MEL : range    = 1000 - 20000
map untrusted to domain = Yes

I also compiled samba with -DDEBUG_NSS in order to determine what was going on.

wbinfo -u and wbinfo -g properly shows all the username and groups
defined on the AD

however, getent passwd only return the local users:

Code:

group: files winbind
#group_compat: ldap
hosts: files dns
networks: files
passwd: files winbind
#passwd: compat
#passwd_compat: winbind
shells: files
services: files
protocols: files
rpc: files

getend passwd returns:
Code:

# getent passwd
[22522]: endpwent
[22522]: endpwent returns NSS_STATUS_SUCCESS (1)
... list of local users
[22522]: getpwent
[22522]: getpwent returns NSS_STATUS_NOTFOUND (0)
[22522]: setpwent
[22522]: setpwent returns NSS_STATUS_SUCCESS (1)

That is shows the debug information leads me to believe that
nss_winbind is properly called.

Code:

# net ads info
LDAP server: 192.168.0.3
LDAP server name: ad.domain.com
Realm: MEL.DOMAIN.COM
Bind Path: dc=MEL,dc=DOMAIN,dc=COM
LDAP port: 389
Server time: Sat, 05 Feb 2011 20:13:24 EST
KDC server: 192.168.0.3
Server time offset: 9

So what am i missing ????

Thank you for your help
Jean-Yves

More information about the samba mailing list