[Samba] getent passwd not return the same number of records from a call to another call

Rowland Penny rowlandpenny at googlemail.com
Wed Feb 25 03:06:13 MST 2015 

On 25/02/15 10:03, Rowland Penny wrote:
> On 25/02/15 08:19, Hervé Hénoch wrote:
>> Here is my smb.conf (on member domain) :
>>
>> idmap config * : backend = tdb
>> idmap config * : range = 2000-9999
>> idmap config * : schema_mode = rfc2307
>> idmap config DOMAIN : backend = ad
>> idmap config DOMAIN : schema-_mode = rfc2307
>> idmap config DOMAIN : range = 10000-999999
>>
>> winbind nss info = rfc2307
>> winbind trusted domains only = no
>> winbind use default domain = yes
>> winbind enum users = yes
>> winbind enum groups = yes
>> winbind refresh tickets = yes
>>
>> getent group | grep 700001 gives :
>> domain users:x:70001:
>> info:x:70001:toto,titi,tutu
>>
>> Same group id !!!
>>
>>
>>
>> Le 24/02/2015 21:34, Tim a écrit :
>>> Hello Hervé,
>>>
>>> what's your way of resolution? Are you using winbind, sssd,...?
>>>
>>> Regards
>>> Tim
>>>
>>> Am 24. Februar 2015 20:53:15 MEZ, schrieb "Hervé Hénoch" 
>>> <h.henoch at isc84.org>:
>>>
>>>     Hello
>>>
>>>     On AD Server :
>>>     --------------------
>>>
>>>     We have migrated from S3 to S4 with samba-tools classicupgrade. 
>>> All is
>>>     ok : bind9, winbind but getent has a strange behavior.
>>>
>>>     getent passwd doesn't return the same number of records. So a AD 
>>> user
>>>     can be not present in the response of getent !!!!
>>>
>>>     it can have a big difference of records returned from a call to 
>>> another
>>>     call of getent passwd ...
>>>
>>>     On the other hand, wbinfo -u returns always the same number of 
>>> records.
>>>
>>>     What can be the problem ?
>>>
>>>     (I'm on a debian jessie, rfc2307 is on, and the installation of 
>>> samba
>>>     has been done by apt-get ... )
>>>
>>>
>>>     On AD domain member :
>>> ------------------------------------------------------------------------ 
>>>
>>>
>>>
>>>     We have the same problem (same distribution and installation).
>>>     Futhermore, "getent group" returns some groups with the same ID.
>>>
>>>     Maybe problems are bounded.
>>>
>>>
>>>     Regards
>>>
>>
>
> does 'cat /etc/passwd | grep [i]nfo' return anything ??
>
> Rowland
>

OOPs, that should have been:

Does 'cat /etc/group | grep [i]nfo' return anything ??

Rowland

More information about the samba mailing list