[Samba] sssd getent problem with Samba 4.0

steve steve at steve-ss.com
Sun Apr 14 02:29:31 MDT 2013


Version 4.0.6-GIT-4bebda4

Hi
I have sssd up and running. It works fine except that getent only 
returns domain users if I specify the object e.g.
getent passwd
and
getent group
return only local users

but
getent passwd steve2
steve2:*:3000034:20513:steve2:/home/users/steve2:/bin/bash
and
getent group Domain\ Users
Domain Users:*:20513:
work fine.


/etc/nsswitch.conf
passwd: compat sss
group:  compat sss

/etc/sssd/sssd.conf
[sssd]
services = nss, pam
config_file_version = 2
domains = default

[nss]

[pam]

[domain/default]
access_provider = simple
#simple_allow_users = myuser
enumerate = false
cache_credentials = True
id_provider = ldap
auth_provider = krb5
chpass_provider = krb5
krb5_realm = HH3.SITE
krb5_server = hh16.hh3.site
krb5_kpasswd = hh16.hh3.site
ldap_uri = ldap://hh16.hh3.site/
ldap_search_base = dc=hh3,dc=site
ldap_tls_cacertdir = /usr/local/samba/private/tls
ldap_id_use_start_tls = False
ldap_default_bind_dn = cn=lynn2,cn=Users,dc=hh3,dc=site
ldap_default_authtok = xx
ldap_default_authtok_type = password
ldap_user_object_class = person
ldap_user_name = samAccountName
ldap_user_uid_number = uidNumber
ldap_user_gid_number = gidNumber
ldap_user_home_directory = unixHomeDirectory
ldap_user_shell = loginShell
ldap_group_object_class = group
#ldap_user_search_filter =(&(objectCategory=User)(uidNumber=*))

I've tried
enumerate = true
and it works as expected but strangely, only for the first time after 
sssd is started. it then returns only local users.

Any ideas?
Cheers,
Steve



More information about the samba mailing list