[Samba] Samba4 ad dc with Centos7

Marcio Costa marciofoz at gmail.com
Tue Dec 8 12:27:43 UTC 2015 

Hello, I may have a problem with winbind setup.

-with wbinfo -g and wbinfo -u I get all group/user from AD/DC.
-with getent group "Domain Users" and getent passwd "remote_user" I can see
the info about the specific group and specific user.
-with getent group and getent passwd I only see my local group/users.

-I believe that using "getent group" and "getent passwd" I must see all
users, right ?


-I'm using the SerNetSamba Version 4.2.5-SerNet-RedHat-19.el7;
-ps auxf show me:
root     24519  0.0  4.5 578196 45700 ?        Ss   09:59   0:00
/usr/sbin/samba -D
root     24527  0.0  3.2 578196 32812 ?        S    09:59   0:00  \_
/usr/sbin/samba -D
root     24529  0.0  4.7 617856 48016 ?        Ss   09:59   0:00  |   \_
/usr/sbin/smbd -D --option=server role check:inhibit=yes --foreground
root     24546  0.0  3.2 617856 32936 ?        S    09:59   0:00  |
\_ /usr/sbin/smbd -D --option=server role check:inhibit=yes --foreground

root     24536  0.0  3.2 578196 32788 ?        S    09:59   0:00  \_
/usr/sbin/samba -D
root     24541  0.0  4.5 587664 46480 ?        Ss   09:59   0:00  |   \_
/usr/sbin/winbindd -D --option=server role check:inhibit=yes --foreground
root     24545  0.0  3.5 605676 36492 ?        S    09:59   0:00  |
\_ /usr/sbin/winbindd -D --option=server role check:inhibit=yes --foreground
root     24555  0.0  3.6 605992 36680 ?        S    10:00   0:00  |
\_ /usr/sbin/winbindd -D --option=server role check:inhibit=yes --foreground

-ls /lib64
lrwxrwxrwx. 1 root root  19 Dez  3 11:09 /lib64/libnss_winbind.so ->
libnss_winbind.so.2
-rwxr-xr-x. 1 root root 20K Out 28 07:44 /lib64/libnss_winbind.so.2

-/etc/nsswitch.conf
passwd:     files winbind
shadow:     files winbind
group:      files winbind

-smb.conf
[global]
        workgroup = INTRANET
        realm = INTRANET.UNV
        netbios name = ITU
        server role = active directory domain controller
        dns forwarder = 10.2.3.4
        idmap_ldb:use rfc2307 = yes

        idmap config INTRANET:backend = ad
        idmap config INTRANET:schema_mode = rfc2307
        idmap config INTRANET:range = 10000-9999999

        idmap uid = 10000-9999999
        idmap gid = 1000-9999999

        # Use settings from AD for login shell and home directory
        winbind nss info = rfc2307

        winbind use default domain = yes
        winbind enum users = yes
        winbind enum groups = yes

I appreciate any help about this issue.
Thank you.

More information about the samba mailing list