[Samba] No domaingroups with getent group
?icro MEGAS
micromegas at mail333.com
Wed Oct 29 05:53:08 MDT 2014
Hello Stefan,
> But "getent group" is not showing any domaingroup. In smb.conf I have
> "winbind enum group = yes" and "winbind enum users = Yes" set.
I have exactly the same behaviour on my two member servers, so you're
not alone. I also already asked here on the list, but unfortunately
noone could give me a reasonable answer to that. To summarize it:
The /etc/nsswitch.conf looks like that:
passwd: compat winbind
group: compat winbind
My domain users all have a uid assigned in the [UNIX Attribute] tab of ADUC. The domain group "Domain Users" and "Domain Admins" also have assigned a gid in the [UNIX Attribute] tab.
"wbinfo -u"
"wbinfo -g"
"id johndoe"
"getent passwd"
all are showing correct results as expected. But when I execute "getent group" I see only the local users in the output. On the other side, when I do "getent group 10000" or "getent group 'Domain Users'" I get the correct result displayed:
domain users:x:10000:
So as conclusion, "getent group" is not outputting the whole groups, but if you tell "getent group ..." to query a certain gid or group name it works. I have no clue what's going on here.
Cheers,
Mirco
More information about the samba
mailing list