[Samba] AD Domain member - getent passwd truncated to only 18 users
L.P.H. van Belle
belle at bazuin.nl
Thu Dec 13 13:35:04 UTC 2018
I think its good to know the OS first since the range 500-65300 might overlap the system id's
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Rowland Penny via samba
> Verzonden: donderdag 13 december 2018 14:05
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] AD Domain member - getent passwd
> truncated to only 18 users
>
> On Thu, 13 Dec 2018 10:32:04 -0200
> Marcio Vogel Merlone dos Santos via samba
> <samba at lists.samba.org> wrote:
>
> > Em 12/12/2018 17:39, Rowland Penny via samba escreveu:
> > > The above lines are only applicable for Samba >= 4.6.0
> > > Add: winbind nss info = rfc2307
> > > remove the last two lines, see here for more info:
> > >
> > > https://wiki.samba.org/index.php/Idmap_config_ad
> >
> > Oh, God! Vacation is coming... Thank you for such obvious
> correction.
> >
> > BUT
> >
> > I edited smb.conf the right way, removed winbindd_idmap.tdb and
> > winbindd_cache.tdb and restarted daemons. Now I get rfc2307
> info from
> > AD and not from template. And still, 'getent passwd'
> returns only 18
> > accounts from AD.
> >
> > root at marte:~# cat /etc/samba/smb.conf
> > [global]
> > security = ADS
> > netbios name = Marte
> > realm = AD.TLD
> >
> > workgroup = A1
> >
> > log file = /var/log/samba/%m.log
> > log level = 1
> >
> > winbind use default domain = yes
> > idmap config * : backend = tdb
> > idmap config * : range = 70000-70999
> >
> > idmap config A1 :backend = ad
> > idmap config A1 :schema_mode = rfc2307
> > idmap config A1 :range = 500-65300
> > # idmap config A1 :unix_nss_info = yes
> > # idmap config A1 :unix_primary_group = yes
> >
> > username map = /etc/samba/user.map
> >
> > local master = no
> > domain master = no
> > preferred master = no
> > dns proxy = no
> > encrypt passwords = yes
> > winbind use default domain = yes
> > winbind offline logon = false
> > winbind nss info = rfc2307
> > winbind separator = +
> > winbind enum users = Yes
> > winbind enum groups = Yes
> > password server = eucalipto.ad.TLD
> > root at marte:~#
> >
> >
>
> Do all your users have a uidNumber attribute ?
> Have you done anything strange, such as changing the users primary
> group ID ?
>
> It should work (well it does for me)
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list