[Samba] AD Domain member - getent passwd truncated to only 18 users
Marcio Vogel Merlone dos Santos
marcio.merlone at a1.ind.br
Thu Dec 13 12:32:04 UTC 2018
Em 12/12/2018 17:39, Rowland Penny via samba escreveu:
> The above lines are only applicable for Samba >= 4.6.0
> Add: winbind nss info = rfc2307
> remove the last two lines, see here for more info:
>
> https://wiki.samba.org/index.php/Idmap_config_ad
Oh, God! Vacation is coming... Thank you for such obvious correction.
BUT
I edited smb.conf the right way, removed winbindd_idmap.tdb and
winbindd_cache.tdb and restarted daemons. Now I get rfc2307 info from AD
and not from template. And still, 'getent passwd' returns only 18
accounts from AD.
root at marte:~# cat /etc/samba/smb.conf
[global]
security = ADS
netbios name = Marte
realm = AD.TLD
workgroup = A1
log file = /var/log/samba/%m.log
log level = 1
winbind use default domain = yes
idmap config * : backend = tdb
idmap config * : range = 70000-70999
idmap config A1 :backend = ad
idmap config A1 :schema_mode = rfc2307
idmap config A1 :range = 500-65300
# idmap config A1 :unix_nss_info = yes
# idmap config A1 :unix_primary_group = yes
username map = /etc/samba/user.map
local master = no
domain master = no
preferred master = no
dns proxy = no
encrypt passwords = yes
winbind use default domain = yes
winbind offline logon = false
winbind nss info = rfc2307
winbind separator = +
winbind enum users = Yes
winbind enum groups = Yes
password server = eucalipto.ad.TLD
root at marte:~#
--
*Marcio Merlone*
More information about the samba
mailing list