[Samba] samba4 internal dns Server ddns for the reverse lookup Zoneable

Markus Roth markusroth1983 at gmx.net
Sat Aug 30 09:04:29 MDT 2014

Hi Steve,
yes i missunderstand that. Is this correct that sssd with samba4 is like a"mapping" between active directory and the normal unix users? So that i can work with the domain users like a script and so on... And i have also missunderstand the getent. Now i think it was working all the time since i do the sssd tests but unless it didn't show me the ad users i thougt it's not working... aaaaahhhh... sorry for that :-( 

Gesendet: Samstag, 30. August 2014 um 08:06 Uhr
Von: steve <steve at steve-ss.com>
An: "Markus Roth" <markusroth1983 at gmx.net>
Cc: samba at lists.samba.org
Betreff: Re: [Samba] samba4 internal dns Server ddns for the reverse lookup Zoneable
On Fri, 2014-08-29 at 21:32 +0200, Markus Roth wrote:
> Hi Steve, hi Rowland,
> i was just wondering because the winbind solution shows the users with the domain like the last mail from Rowland. So i thougt sssd should do the same. But when it's ok so i'm happy :-)
> is this correct and do i understand that correct, that i only see the users with getent passwd when i set enumerate = true in the sssd.conf? Because if i set enumerate = false i only see the local users with getent passwd.
> Than i only get my ad-users with getent passwd markus or getent passwd dhcpduser.

Yes, that's correct. Enumeration slows down lookups because everything
then has to be either looked up again or returned from the sss cache. It
is turned off by default in sssd. Don't turn it on unless you need it.

You can turn off the DOMAIN\ part of DOMAIN\user in winbind:
winbind use default domain = Yes
sssd runs on Unix, so you don't need it.

BTW, I am wondering if you actually had this working a long time ago:
you seem to have only just realised that getent passwd returns nothing
unless the domain user is specified. (?)

More information about the samba mailing list