[Samba] nss_windbind.so can't see groups that wbinfo -g can (4.0.9 as AD DC)
Trent W. Buck
trentbuck at gmail.com
Tue Oct 15 20:18:53 MDT 2013
trentbuck at gmail.com (Trent W. Buck) writes:
> I'm running Debian 7 with samba 4.0.9dfsg1-1 built from
> git://git.debian.org/pkg-samba/samba. I'm using samba as an AD DC,
> with accounts migrated from a samba3/slapd stack using samba-tool
> domain classicupgrade.
>
> What I find confusing is that there are groups in samba -- as
> confirmed by samba-tool group list, ldapsearch and wbinfo -g -- that
> are not reported by getent groups (glibc's nss query tool). Further,
> getent groups can reverse-resolve GIDs into the missing groups.
FTR, I gave up and used libnss-ldapd instead, which is working well
enough for now, more or less per
https://wiki.samba.org/index.php/Local_user_management_and_authentication/nslcd
I'm still interested in investigating/resolving the winbind weirdness if
anyone, though.
More information about the samba
mailing list