[Samba] What is --rfc2307-from-nss ??

L.P.H. van Belle belle at bazuin.nl
Wed Nov 26 06:07:31 MST 2014

Debian with Sernet samba 4.1.13 DC and member servers

with just nsswitch.conf configured and samba.

DC : 
root at dc1:~# getent passwd obell
DOMAIN\testuser:*:10000:10000:Test user:/home/users/%U:/bin/sh 

Member server: 
root at mem1:~# getent passwd obell

Rowland you have seen the differences in your user.. 

DC     >INTERNAL\testuser:*:10000:10000:Test User:/home/INTERNAL/testuser:/bin/false
MEMBER >testuser:*:10000:10000:Test User:/home/testuser:/bin/bash
different homes and shell? 



>-----Oorspronkelijk bericht-----
>Van: rowlandpenny at googlemail.com 
>[mailto:samba-bounces at lists.samba.org] Namens Rowland Penny
>Verzonden: woensdag 26 november 2014 13:11
>Aan: samba at lists.samba.org
>Onderwerp: Re: [Samba] What is --rfc2307-from-nss ??
>On 26/11/14 05:43, Greg Zartman wrote:
>> I'm having a hard time figuring out what the samba-tool user create
>> --rfc2307-from-nss does?  The documentation is a little skinny.
>It runs getpwnam**() to get the users info from another 
>database, so is 
>not much in creating a new user, as the new user in AD must 
>not exist on 
>the underlying OS.
>> I want users I create in the AD to be able to access local 
>file shares on
>> Centos, so I'm setting up the SSSD service, but not entirely 
>sure if SSSD
>> will provide user attributes like the login shell or if I 
>should set it
>> explicitly in the active directory.
>OK, I am not telling you this, but with the users info stored 
>in RFC2307 
>attributes in AD:
>Using winbind (Version 4.1.11-Debian)
>root at debdc:~# getent passwd testuser
>Using sssd (Version 1.11.3)
>root at debdc:~# getent passwd testuser
>testuser:*:10000:10000:Test User:/home/testuser:/bin/bash
>Both on the AD DC
>> Thanks
>To unsubscribe from this list go to the following URL and read the
>instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list