[Samba] id shows only primary group on domain member server

Daniel Thielking daniel.thielking at ias.rwth-aachen.de
Thu Jun 16 06:57:21 UTC 2016

@ Rowland
I'm using the same configuration on a different domain member with 
CentOS7.2 with packaged samba4 RPM's from OS. If I try to use `id 
USERNAME` i get the output in a complete version e.g. uid=USERNAME 
Because of the parameter :
     template shell = /bin/false
I read that this parameter is active just in case if no loginshell was 
set in the AD. In my opinion Security feature to prevent users to login 
without loginshell ;-).

I set all Unix-Attributes (RFC2307) in AD e.g.:

     NIS-Domain: SAMDOM
     UID: Chosen by ADUC
     Login-Shell: /bin/tcsh
     Home-Directory: /home/USERNAME

For the SUPGroups I am using the member of tab in ADUC.
Mentioned above ALL works on the member server with packaged RPM's and 
NOT on the compiled on mentioned earlier in my mails.

If i enter "wbinfo -a USERNAME" I get following output:

     Enter USERNAME's password:
     plaintext password authentication succeeded
     Enter USERNAME's password:
     challenge/response password authentication succeeded

I hope it helps. Thanks guys!

On 16/06/16 08:29, Volker Lendecke wrote:
> On Wed, Jun 15, 2016 at 02:33:22PM +0200, Daniel Thielking wrote:
>> know I have another problem. I compiled samba 4.4.4 on a Centos 7.2 Server
>> no special options for ./configure.
>> Afterwards I followed the article from mentioned below wiki article below,
>> to join Centos 7.2 as an member server to our existing AD.
>> WIKI Article:
>> https://wiki.samba.org/index.php/Setup_Samba_as_an_AD_Domain_Member
>> Now, if i type id USERNAME I only get the users UID, GID and only the GID as
>> the supplementary Group no more groups are showing up. What have I missed?
> What happens if you do a "wbinfo -a <username>" successfully first?
> Volker

More information about the samba mailing list