[Samba] sssd getent problem with Samba 4.0

steve steve at steve-ss.com
Sun Apr 14 02:29:31 MDT 2013

Version 4.0.6-GIT-4bebda4

I have sssd up and running. It works fine except that getent only 
returns domain users if I specify the object e.g.
getent passwd
getent group
return only local users

getent passwd steve2
getent group Domain\ Users
Domain Users:*:20513:
work fine.

passwd: compat sss
group:  compat sss

services = nss, pam
config_file_version = 2
domains = default



access_provider = simple
#simple_allow_users = myuser
enumerate = false
cache_credentials = True
id_provider = ldap
auth_provider = krb5
chpass_provider = krb5
krb5_realm = HH3.SITE
krb5_server = hh16.hh3.site
krb5_kpasswd = hh16.hh3.site
ldap_uri = ldap://hh16.hh3.site/
ldap_search_base = dc=hh3,dc=site
ldap_tls_cacertdir = /usr/local/samba/private/tls
ldap_id_use_start_tls = False
ldap_default_bind_dn = cn=lynn2,cn=Users,dc=hh3,dc=site
ldap_default_authtok = xx
ldap_default_authtok_type = password
ldap_user_object_class = person
ldap_user_name = samAccountName
ldap_user_uid_number = uidNumber
ldap_user_gid_number = gidNumber
ldap_user_home_directory = unixHomeDirectory
ldap_user_shell = loginShell
ldap_group_object_class = group
#ldap_user_search_filter =(&(objectCategory=User)(uidNumber=*))

I've tried
enumerate = true
and it works as expected but strangely, only for the first time after 
sssd is started. it then returns only local users.

Any ideas?

