[Samba] winbind rfc2307 not being obeyed

Jeff Sadowski jeff.sadowski at gmail.com
Mon Oct 30 15:49:24 UTC 2017

[root at squints ~]# cat /etc/samba/smb.conf
   security = ads
   realm = MIND.UNM.EDU
   workgroup = MIND
   idmap config * : backend = tdb
   idmap config * : range = 2000-7999
   idmap config MIND:backend = ad
   idmap config MIND:schema_mode = rfc2307
   idmap config MIND:range = 8000-9999999
   winbind nss info = rfc2307
   winbind use default domain = yes
   # so that the users show up in getent
   winbind enum users = yes
   # so that the groups show up in getent
   winbind enum groups = yes
   restrict anonymous = 2
   #added the following 2 for the Badlock updates that change the defaults
   #to no longer work with my domain controllers
   ldap server require strong auth = no
   client ldap sasl wrapping = plain

[root at squints ~]# getent passwd jsadowski

however from an ubuntu machine with the same smb.conf it looks like so
root at daddles:~# getent passwd jsadowski

which is how AD shows it as well.

Did something change in newer versions of samba that I need to add
more config options?

More information about the samba mailing list