[Samba] Samba 4.1 gentent, ls, no display domain user name on Primary ACDC but wbinfo -u yes

Rowland Penny rowlandpenny at googlemail.com
Mon Mar 23 08:44:10 MDT 2015 

On 23/03/15 14:19, Jhon P wrote:
> It's a shame not to be able to obtain users on this DC with getent.

You Should be able to, here is an example line from running 'getent 
passwd' on my first DC:

EXAMPLE\testuser3:*:3000069:10000:Test 
User3:/home/EXAMPLE/testuser3:/bin/bash

>
> I would make the server is correctly configured and manageable, has 
> many resources to be used.

There are other problems with using a samba4 DC as a fileserver, there 
have been reports of excessive use of filespace that goes away after a 
reboot, for instance.

>
> Having UIDS eg 3000001 without knowing who owns it is a shame.
>

You can find out, if you must, but there are really no reasons to do so 
on a DC.

> Maybe upgrading to 4.2 this DC these things can work.
> Maybe try updating this DC from the sources.
>

If you update, but still use the ldb files you have now i.e. you do not 
provision and start fresh, you will probably have the same problem. You 
seem to have done everything you can to get RFC2307 working, I think the 
problem must lie in you not provisioning with rfc2307 at the start.
> If there is something to do to solve this problem really is very helpful.
>
> If there is anything else I can do just let me know.
>

I think that the only way to ensure everything will work correctly, is 
to start again, install a new DC using either Wheezy or Jessie (Jessie 
is frozen, so should be safe to use), use either the packages from 
backports (if using wheezy) or the standard jessie packages or the 
Sernet packages (if they have issued 4.2 packages, no need to bother if 
they haven't). Once you have a new clean OS up with samba4 installed, 
provision it using this command:

samba-tool domain provision --use-rfc2307 --use-xattrs=yes --realm=<YOUR 
SAMBA REALM> --domain=<YOUR DOMAIN NAME} \
     --dns-backend=SAMBA_INTERNAL --server-role=dc 
--function-level=2008_R2 --adminpass=<YOUR ADMINISTRATOR PASSWORD>

You will however have to join your windows machines to this new domain.

Rowland

>
> Rowland I really appreciate your help and time you spent.
>
> Thank You. :-)
>

More information about the samba mailing list