[Samba] getent not listing domain accounts
Henry McLaughlin
henry at incred.com.au
Sat Jan 30 11:55:12 UTC 2016
root at aphrodite:~# getent passwd administrator
root at aphrodite:~# wbinfo -u
administrator
krbtgt
guest
root at aphrodite:~# cat /etc/samba/smb.conf
[global]
netbios name = APHRODITE
security = ADS
workgroup = DOMAIN
realm = AD.DOMAIN.COM.AU
log file = /var/log/samba/%m.log
log level = 1
dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and keytab
winbind refresh tickets = yes
winbind trusted domains only = no
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
# Important: The ranges of the default (*) idmap config
# and the domain(s) must not overlap!
# Default idmap config used for BUILTIN and local accounts/groups
idmap config *:backend = tdb
idmap config *:range = 2000-9999
# idmap config for domain DOMAIN
idmap config DOMAIN:backend = rid
idmap config DOMAIN:range = 10000-99999
# Use template settings for login shell and home directory
winbind nss info = template
template shell = /sbin/bash
template homedir = /home/%U
root at aphrodite:~#
root at aphrodite:~# cat /etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.
passwd: compat winbind
group: compat winbind
shadow: compat
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
root at aphrodite:~#
More information about the samba
mailing list