[Samba] Samba Member Server, Winbind

Oliver Werner oliver.werner at kontrast.de
Thu Jan 28 19:56:42 UTC 2016


I have add a new Samba Member Server to my domain successfully.

I have configured Winbind and get the correct Output from wbinfo -u/-g

getent passwd also works fine.

But when type getent group command i will get only local groups.

Mysteriously, I can put the ADS groups with the chgrp command.
With ls -la command they are also shown after set on file or directory.
The only thing is the getent group command does not show what i want.

My smb.conf looks:

       netbios name = VL02
       security = ADS
       workgroup = HQ
       realm = hq.local

       log file = /var/log/samba/%m.log
       log level = 1

       dedicated keytab file = /etc/krb5.keytab
       kerberos method = secrets and keytab
       winbind refresh tickets = yes

       	winbind trusted domains only = no
       	winbind use default domain = yes
       	winbind enum users  = yes
       	winbind enum groups = yes
	winbind cache time = 60

       # Default idmap config used for BUILTIN and local accounts/groups
       idmap config *:backend = tdb
       idmap config *:range = 500-1299

       # idmap config for domain HQKONTRAST
       idmap config HQ:backend = ad
       idmap config HQ:schema_mode = rfc2307
       idmap config HQ:range = 1300-99999

       # Use settings from AD for login shell and home directory
       winbind nss info = rfc2307

uidNumber of Users start on 10000 and gidNumber of Groups on 1300. So the IDs are in the range.

Anyone knows the Problem or know how to fix?



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.samba.org/pipermail/samba/attachments/20160128/aa77f08d/signature.sig>

More information about the samba mailing list