[Samba] getent only displays local users & groups
Rowland Penny
rpenny at samba.org
Fri Nov 25 08:18:23 UTC 2016
On Fri, 25 Nov 2016 12:34:57 +1100
Henry <dercni at gmail.com> wrote:
> Thanks Rowland.
>
> getent passwd => lists all local users
>
> getent passwd administrator => returns nothing on DC or member.
>
> I have created an AD user called "henry" and assigned a uid
> getent passwd henry => returns nothing
'getent' will only display domain users provided that:
Each user has a uidNumber attribute containing a unique number inside
the DOMAIN range set in smb.conf, in your case '10000-99999'
The group 'Domain Users' has a gidNumber attribute containing a number
inside the same range
The necessary PAM glue is installed i.e. PAM can talk to winbind.
'winbind' is added to the 'passwd' & 'group' lines
in /etc/nsswitch.conf
>
> root at aphrodite:~# wbinfo -u
> SAMDOM\henry
> SAMDOM\administrator
> SAMDOM\krbtgt
> SAMDOM\guest
>
> I am using Ubuntu 16.04
>
> Are these three extra packages installed on DC or member?
>
You can install them on both if you need to, if you only use the DC for
authentication, then don't install them on the DC, they are the
'missing' bits that turn a DC into a 'fileserver' as well.
If everything is correct, you should get results like this:
rowland at devstation:~$ getent passwd rowland
rowland:*:10000:10000:Rowland Penny:/home/rowland:/bin/bash
Rowland
More information about the samba
mailing list