[Samba] sssd getent problem with Samba 4.0

steve steve at steve-ss.com
Sun Apr 14 02:29:31 MDT 2013

Version 4.0.6-GIT-4bebda4

I have sssd up and running. It works fine except that getent only 
returns domain users if I specify the object e.g.
getent passwd
getent group
return only local users

getent passwd steve2
getent group Domain\ Users
Domain Users:*:20513:
work fine.

passwd: compat sss
group:  compat sss

services = nss, pam
config_file_version = 2
domains = default



access_provider = simple
#simple_allow_users = myuser
enumerate = false
cache_credentials = True
id_provider = ldap
auth_provider = krb5
chpass_provider = krb5
krb5_realm = HH3.SITE
krb5_server = hh16.hh3.site
krb5_kpasswd = hh16.hh3.site
ldap_uri = ldap://hh16.hh3.site/
ldap_search_base = dc=hh3,dc=site
ldap_tls_cacertdir = /usr/local/samba/private/tls
ldap_id_use_start_tls = False
ldap_default_bind_dn = cn=lynn2,cn=Users,dc=hh3,dc=site
ldap_default_authtok = xx
ldap_default_authtok_type = password
ldap_user_object_class = person
ldap_user_name = samAccountName
ldap_user_uid_number = uidNumber
ldap_user_gid_number = gidNumber
ldap_user_home_directory = unixHomeDirectory
ldap_user_shell = loginShell
ldap_group_object_class = group
#ldap_user_search_filter =(&(objectCategory=User)(uidNumber=*))

I've tried
enumerate = true
and it works as expected but strangely, only for the first time after 
sssd is started. it then returns only local users.

Any ideas?

More information about the samba mailing list