[Samba] getent passwd does not list trusted users

Gaiseric Vandal gaiseric.vandal at gmail.com
Mon Jun 6 10:04:14 MDT 2011

I am running Samba 3.5.5 on Solaris 10.  This is the latest Sun/Oracle 
provided build.  I have an ldap backend for everything (unix+samba 
accounts, idmapping for domain trusts.)  The Samba server is a PDC for a 
domain we can call "SAMBA."    Each samba account is tied to a unix 

I have a one-way  domain trust setup with a Windows 2003 domain which we 
can call "WIN2003."  SAMBA trusts WIN2003.   "getent passwd" and "getent 
group" seem to fundamentally be working (depending on syntax)  BUT 
"getent passwd" does NOT list trusted users.

On the solaris machine:
"wbinfo -u"  and "wbinfo -g"    lists all users in this domain + the 
WIN2003 domain.   For the SAMBA users, the domain name is stripped out.

  "getent passwd" -  lists all "unix" users (in ldap or /etc/passwd.)
         It does not list the samba users -  which is the expected and 
desired behaviour.
         I had expected it to list users from the WIN2003 domain.

"getent group"  -  lists all "unix" groups  (in ldap or /etc/passwd)
         It does not listed the SAMBA groups - which is the expected and 
desired behaviour.
         It does list WIN2003 groups-  which is  also the expected and 
desired behaviour.

"getent passwd SAMBA\\user" -  shows uid, gid, home directory, shell
"getent passwd WIN2003\\user" -  shows uid, gid, home directory, shell

"getent group SAMBA\\group" -  shows gid, members
"getent group WIN2003\\group" -  shows gid, members

"id SAMBA\\user" -  shows uid and gid
"id  WIN2003 \\user" -  shows uid and gid


I can use chown and other commands from solaris command line  to grant 
rights to a user from the trusted domain.  However, in a Windows machine 
in samba domain, when setting file permissions, I can not see the 
trusted domain.

Any thoughts?


More information about the samba mailing list