[Samba] SSSD - inconsistent UIDs - was: Trouble getting uids from nslcd

Peter Serbe peter at serbe.ch
Thu Sep 18 04:23:24 MDT 2014

I followed the advice from Arun, with some mixed success. 
For a couple of days I had no success, while constantly 
seeing that 'getent passwd' did not list domain users, but 

# getent passwd administrator

Finally I got 'getent passwd' working by adding 

enumerate = true

to the sssd.conf file *). Apparently this is a bug in sssd, 
which may or may not occur. Maybe it would be a good idea, 
to add a hint to the wiki documentation, that this option 
might be a try when troubleshooting sssd. 

But now I see another strange thing: I did deleted my 
domain account and added again - but even after a series 
of rebooting setfacl uses the old uid. I did delete the 
SSSD cache at /var/lib/sss/db/, but this did not have any 

Are there any other places, where I should delete something?
Do I need to disable the idmap_ldb:use rfc2307 entry in 
smb.conf? Or would it be best to reprovision samba and 
start all over?

Thank You in advance!

*) got it from here:

Arun Khan schrieb am 09.09.2014 21:55:

> On Tue, Sep 9, 2014 at 8:04 AM, Peter Serbe <peter at serbe.ch> wrote:
>> The reason can be found in the nslcd.conf
>> ...
>> map     passwd  uid                sAMAccountName
>> ...
> Suggest use sssd in place of nslcd.  I have posted a copy of my
> sssd.conf that binds to LDAP (Samba4) in a post.
> -- Arun Khan
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list