[Samba] wbinfo -i returns the same id for all users, authentication doesn't seem to go through winbind at all
Emmanuel Florac
eflorac at intellique.com
Sat Feb 18 12:50:52 UTC 2017
Le Sat, 18 Feb 2017 13:20:52 +0100
Emmanuel Florac via samba <samba at lists.samba.org> écrivait:
> I've got a Debian/Jessie Samba 4.2.14 running as an AD member. ADC is
> a Windows2008R2 server. Join worked without problem.
>
> # net ads testjoin
> Join is OK
>
> wbinfo -u and wbinfo -g work perfectly and provides a list of users
> and groups from the AD as expected. wbinfo -i <user> works too:
>
> # wbinfo -i TESTAD\\testuser
> TESTAD\testuser:*:4294967295:4294967295:testuser:/home/TESTAD/testuser:/bin/false
>
> Edit: something's wrong here, because wbinfo -i maps all users and
> groups to the id 4294967295 which is, as @TheSkunk remarked, 2^32 -1.
I've added
idmap config * : backend = tdb
idmap config * : range = 10000-30000
to smb.conf, and now 'wbinfo -i TESTDOMAIN\\user' returns correct ids.
I've found in the FAQ a mention of this, however it's obsolete:
I have set up a domain member using the idmap_ad backend, but getent
passwd and getent group does not show users or groups
If you want to show all users and groups, you will need to add these
lines to smb.conf:
winbind enumerate users = yes
winbind enumerate groups = yes
These options are not recognized by 'testparm'.
--
------------------------------------------------------------------------
Emmanuel Florac | Direction technique
| Intellique
| <eflorac at intellique.com>
| +33 1 78 94 84 02
------------------------------------------------------------------------
More information about the samba
mailing list