[Samba] Getent passwd doesn't show Domain Members
Rowland penny
rpenny at samba.org
Tue Jul 19 14:29:44 UTC 2016
On 19/07/16 13:28, Timo Dachs-Wegmann wrote:
> Dear Support-Team,
>
> i have a problem regarding the function of winbind on a samba4 Active Directory Domain Controller.
>
> I installed samba4 from the standard debian sources.
> Made the domain provisioning and installed Kerberos.
> After that I installed winbind and linked the libnss_winbind.so.2 -> libnss_winbind.so.
> Wbinfo -u and wbinfo -g do work properly.
>
> The strange thing is, that
> "getent passwd administrator" gives back this line:
> "administrator:*:0:100::/srv/samba/USERS/administrator:/bin/false"
> So it seems that winbind is working properly, but getent passwd alone doesn't show the local users (same for getent group).
>
> Can you help me with this?
>
> I tried several tutorials and I read a lot of mails regarding this topic but I didn’t find a good answer to my problem.
> I installed it in a lot of different orders (first winbind then samba, first Kerberos then samba and then winbind... etc) after a lot of different instructions.
>
> Samba config:
> [global]
> workgroup = PROCITEC
> realm = PROCITEC.DE
> netbios name = SAMBAPRO
> server role = active directory domain controller
> dns forwarder = 192.168.0.1
> idmap_ldb:use rfc2307 = yes
> registry shares = yes
> template homedir = /srv/samba/%D/%U
>
> I edited the nsswitch.conf:
> passwd: compat winbind
> group: compat winbind
>
> If you need further information please don’t hesitate to contact me
>
> Kind regards
>
> Timo Dachs-Wegmann
>
>
>
>
Try adding:
winbind enum users = yes
winbind enum groups = yes
to smb.conf and restart samba.
Rowland
More information about the samba
mailing list