[Samba] Samba 4.1 gentent, ls, no display domain user name on Primary ACDC but wbinfo -u yes

Jhon P patocius at hotmail.com
Mon Mar 23 08:19:59 MDT 2015 

It's a shame not to be able to obtain users on this DC with getent.

 I would make the server is correctly configured and manageable, has many resources to be used.

 Having UIDS eg 3000001 without knowing who owns it is a shame.

 Maybe upgrading to 4.2 this DC these things can work.
 Maybe try updating this DC from the sources.

 If there is something to do to solve this problem really is very helpful.

 If there is anything else I can do just let me know.


 Rowland I really appreciate your help and time you spent.

 Thank You. :-)

> Date: Mon, 23 Mar 2015 13:39:58 +0000
> From: rowlandpenny at googlemail.com
> To: samba at lists.samba.org
> Subject: Re: [Samba] Samba 4.1 gentent, ls, no display domain user name on Primary ACDC but wbinfo -u yes
> 
> On 23/03/15 13:15, Jhon P wrote:
> > Yes its correct.
> >
> > > Date: Mon, 23 Mar 2015 13:09:26 +0000
> > > From: rowlandpenny at googlemail.com
> > > To: samba at lists.samba.org
> > > Subject: Re: [Samba] Samba 4.1 gentent, ls, no display domain user 
> > name on Primary ACDC but wbinfo -u yes
> > >
> > > On 23/03/15 12:51, Jhon P wrote:
> > > > One ADDC with linux Debian 7 and Samba4.1 working.}
> > > > Im test "NIS" and works fine after we expand the samba 4 schema. ;-)
> > > >
> > > > This is the DC with the problem of getent and can give domain users
> > > > infoonly "wbinfo -u".
> > > >
> > > > When list directories with "ls" also display UID instead Domain User
> > > > ID in the directories.
> > > > When i use "getent passwd" this also display passwd file users "unix
> > > > users" not domain users.
> > > >
> > > > The Domain Works well anyway and i can manage with "RSAT" but if i
> > > > like manage it with linux its really dificult, because im need give
> > > > the UID and before check it with "wbinfo --uid-info" to know how its
> > > > the owner of a directory for example.
> > > >
> > > > I really want to manage it with linux, because I come from the old
> > > > school of samba 2:-), really depend 100% of microsoft does not 
> > make me
> > > > very happy i think.
> > > >
> > > > All clients are conected to this server.
> > > >
> > > > Regards and thanks.
> > > >
> > > > > Date: Mon, 23 Mar 2015 12:16:54 +0000
> > > > > From: rowlandpenny at googlemail.com
> > > > > To: samba at lists.samba.org
> > > > > Subject: Re: [Samba] Samba 4.1 gentent, ls, no display domain user
> > > > name on Primary ACDC but wbinfo -u yes
> > > > >
> > > > > On 23/03/15 11:42, Jhon P wrote:
> > > > > > Thanks for the clarification.
> > > > > >
> > > > > > They are around 80 clients.
> > > > > > All windows 7 and Xp pro.
> > > > > >
> > > > > > One member server linux with Debian 7 for testing the future file
> > > > > > server. All on this works fine.
> > > > > >
> > > > > > Other servers that are not in the domain
> > > > > >
> > > > > > Thanks.
> > > > > > > Date: Mon, 23 Mar 2015 09:26:08 +0000
> > > > > > > From: rowlandpenny at googlemail.com
> > > > > > > To: samba at lists.samba.org
> > > > > > > Subject: Re: [Samba] Samba 4.1 gentent, ls, no display 
> > domain user
> > > > > > name on Primary ACDC but wbinfo -u yes
> > > > > > >
> > > > > > > On 23/03/15 00:55, Jhon P wrote:
> > > > > > > > It will be necessary to join this PDC to the domain?
> > > > > > >
> > > > > > > Firstly, it is a 'DC' not a 'PDC', there really is no 
> > concept of a
> > > > > > > Primary Domain Controller in active directory, other than 
> > one of the
> > > > > > > FSMO roles. These FSMO roles are the only differences 
> > between DCs ,
> > > > > > > other than this, all DCs are the same (or should)
> > > > > > >
> > > > > > > You do not join a DC to the domain unless it is a second (or
> > > > > > subsequent)
> > > > > > > DC, when you provision a DC or classicupgrade a PDC, it is
> > > > > > automatically
> > > > > > > joined to the domain.
> > > > > > >
> > > > > > > > I did this once and it was not me well and I had to 
> > restore the
> > > > > > backup.
> > > > > > > >
> > > > > > > > The samba documentation does not say anything of this.
> > > > > > > > Remember this isnt a member server this is the PDC, on samba
> > > > ACDC doc
> > > > > > > > say this:
> > > > > > > >
> > > > > > > > "We /*_do not recommend_* using the Domain Controller as a 
> > file
> > > > > > > > Server. This is due to issues with the winbind internal to 
> > the
> > > > Domain
> > > > > > > > Controller./"
> > > > > > > >
> > > > > > > > But I also need to use it because I had no other server to 
> > use
> > > > as a
> > > > > > > > file server.
> > > > > > >
> > > > > > > It is not recommended, but you can do it, there are plenty of
> > > > people
> > > > > > who
> > > > > > > post on here who do use a DC as a fileserver.
> > > > > > >
> > > > > > > Just how many clients do you have and what sort ?
> > > > > > >
> > > > > > > Rowland
> > > > > > >
> > > > > > > >
> > > > > > > > If there is no chance you do not want to waste time with this.
> > > > > > > >
> > > > > > > > Many thank you very much.
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > > > --
> > > > > > > To unsubscribe from this list go to the following URL and 
> > read the
> > > > > > > instructions: https://lists.samba.org/mailman/options/samba
> > > > >
> > > > > What is the DC (you may have said, but if you have, sorry I have
> > > > forgotten)
> > > > >
> > > > > Rowland
> > > > >
> > > > > --
> > > > > To unsubscribe from this list go to the following URL and read the
> > > > > instructions: https://lists.samba.org/mailman/options/samba
> > >
> > > OK, so you have:
> > > A) one debian 7 DC running self compiled samba 4.1.?
> > > B) one debian 7 member server running ?? samba 4.1.?
> > > C) 80 windows clients
> > >
> > > Is this correct ?
> > >
> > > Rowland
> > >
> > > --
> > > To unsubscribe from this list go to the following URL and read the
> > > instructions: https://lists.samba.org/mailman/options/samba
> 
> OK, if your samba 4 AD DC is working as expected and you have a member 
> server, then do not worry about whether getent (on the DC) displays user 
> names or numbers, just as long as your member server is working in the 
> same way. Do not try to log into the DC as a domain user, just use it 
> for what it is recommended for, Authentication.
> 
> What I would suggest you do is, create a new second DC using debian 
> jessie and install samba4 from packages, this will get you 4.1.17, or if 
> Sernet releases 4.2 packages , then use these. You can then join this to 
> your first DC for greater redundancy.
> 
> Rowland
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list