[Samba] Getent passwd doesn't show Domain Members

Rowland penny rpenny at samba.org
Tue Jul 19 15:26:46 UTC 2016 

On 19/07/16 15:55, Timo Dachs-Wegmann wrote:
> We already tried this without success...
>
>
> Kind regards
>
> Timo Dachs-Wegmann
> -EDV-
>
> -----Ursprüngliche Nachricht-----
> Von: samba [mailto:samba-bounces at lists.samba.org] Im Auftrag von Rowland penny
> Gesendet: Dienstag, 19. Juli 2016 16:30
> An: samba at lists.samba.org
> Betreff: Re: [Samba] Getent passwd doesn't show Domain Members
>
> On 19/07/16 13:28, Timo Dachs-Wegmann wrote:
>> Dear Support-Team,
>>
>> i have a problem regarding the function of winbind on a samba4 Active Directory Domain Controller.
>>
>> I installed samba4 from the standard debian sources.
>> Made the domain provisioning and installed Kerberos.
>> After that I installed winbind and linked the libnss_winbind.so.2 -> libnss_winbind.so.
>> Wbinfo -u and wbinfo -g do work properly.
>>
>> The strange thing is, that
>> "getent passwd administrator" gives back this line:
>> "administrator:*:0:100::/srv/samba/USERS/administrator:/bin/false"
>> So it seems that winbind is working properly, but getent passwd alone doesn't show the local users (same for getent group).
>>
>> Can you help me with this?
>>
>> I tried several tutorials and I read a lot of mails regarding this topic but I didn’t find a good answer to my problem.
>> I installed it in a lot of different orders (first winbind then samba, first Kerberos then samba and then winbind... etc) after a lot of different instructions.
>>
>> Samba config:
>> [global]
>> 	workgroup = PROCITEC
>> 	realm = PROCITEC.DE
>> 	netbios name = SAMBAPRO
>> 	server role = active directory domain controller
>> 	dns forwarder = 192.168.0.1
>> 	idmap_ldb:use rfc2307 = yes
>> 	registry shares = yes
>> 	template homedir = /srv/samba/%D/%U
>>
>> I edited the nsswitch.conf:
>> passwd:         compat winbind
>> group:          compat winbind
>>
>> If you need further information please don’t hesitate to contact me
>>
>> Kind regards
>>
>> Timo Dachs-Wegmann
>>
>>
>>
>>
> Try adding:
>
> winbind enum users = yes
> winbind enum groups = yes
>
> to smb.conf and restart samba.
>
> Rowland
>
>

It should.

You posted this:

I installed samba4 from the standard debian sources.
Made the domain provisioning and installed Kerberos.
After that I installed winbind and linked the libnss_winbind.so.2 -> 
libnss_winbind.so.

When you installed from debian sources, do you mean you installed the 
debian packages or that you used them to compile your own ?
If you just installed packages, then you don't need to create the links, 
just install libnss-winbind and libpam-winbind

You also say that you installed kerberos, do you mean the client 
packages or server packages ?

Rowland

More information about the samba mailing list