[Samba] Fwd: getent group fails - fixed

Dermot paikkos at googlemail.com
Thu Jun 23 07:20:56 MDT 2011

On 23 June 2011 13:14, Bruce Richardson <> wrote:
> On Thu, Jun 23, 2011 at 01:00:55PM +0100, Dermot wrote:
>> Found it.
>> It turns out that the config file for libnss-ldap is
>> /etc/libnss-ldap.conf on my distro (Debian). So NSS was ignoring the
>> config that I had been in /etc/ldap/ldap.conf and taking it from
>> /etc/libnss-ldap.conf.
> Samba's ldap searches are affected
> by anything that goes into /etc/ldap/ldap.conf, which would cause
> problems if the nsswitch-specific settings had to be stored there.

Perhaps I am not understanding you correctly because that runs counter
to my experience. The settings in my /etc/ldap/ldap.conf were correct
whereas the ones in /etc/libnss-ldap.conf were not. It was the search
filters from libnss-ldap.conf that were being used when I did `getent
group`. I think you're telling me that getent is tied to the nss
framework so would use that config because that's what I told
nsswitch.conf to do. I would have thought, but I am no expert, that
samba would have used the config from smb.conf and that ldapsearch
(and anything else that didn't have hooks elsewhere) would use

# /etc/nsswitch.conf
passwd:         files ldap
group:          files ldap
shadow:         files ldap

Your workplace configuration sounds like what I am trying to deploy at mine.
I'll be back. Thanks,
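
A way to spot the mismatch described in this thread, as an added example that is not part of the original post: the script compares `base` and `uri` between the file ldapsearch reads and the file libnss-ldap reads. The function names and the sample file contents are constructed for illustration; point the last line at /etc/ldap/ldap.conf and /etc/libnss-ldap.conf on a real host.

```shell
#!/bin/sh
# Print the value of a keyword from an ldap.conf-style file.
# Keywords are matched case-insensitively (BASE vs base); comments and blank
# lines are skipped. If a keyword repeats, the last occurrence is reported
# (an assumption of this example, not a statement about either parser).
conf_value() {
    awk -v key="$2" '
        /^[ \t]*(#|$)/ { next }
        tolower($1) == tolower(key) {
            $1 = ""; sub(/^[ \t]+/, ""); val = $0
        }
        END { print val }
    ' "$1"
}

# Compare the given keywords across two files; print each mismatch and
# return 1 if any differ, 0 if all match.
conf_drift() {
    a=$1; b=$2; shift 2
    rc=0
    for k in "$@"; do
        va=$(conf_value "$a" "$k")
        vb=$(conf_value "$b" "$k")
        if [ "$va" != "$vb" ]; then
            printf '%s differs: %s=[%s] %s=[%s]\n' "$k" "$a" "$va" "$b" "$vb"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample files standing in for the two real config paths.
demo_dir=$(mktemp -d)
cat > "$demo_dir/ldap.conf" <<'EOF'
# read by ldapsearch and other OpenLDAP clients
BASE dc=example,dc=com
URI  ldap://ldap.example.com
EOF
cat > "$demo_dir/libnss-ldap.conf" <<'EOF'
# read by the NSS ldap module (getent)
base dc=padl,dc=com
uri ldap://ldap.example.com
EOF
conf_drift "$demo_dir/ldap.conf" "$demo_dir/libnss-ldap.conf" base uri || true
```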
