[Samba] Samba 3.6 'getent passwd user' not working

Stefan Kania stefan at kania-online.de
Mon Feb 26 16:06:33 UTC 2018


I have a Samba 3.6 server (MUST stay at 3.6) and I want to user the "ad" 
backend for usermapping. Here is my smb.conf:
security = ADS
workgroup = example
loglevel = 4

winbind nss info = rfc2307
winbind trusted domains only = no
winbind use default domain = yes
idmap config * : backend = tdb
idmap config * : range = 5000-7999
idmap config EXAMPLE : backend = ad
idmap config EXAMPLE : schema_mode = rfc2307
idmap config EXAMPLE : range = 100000-399999
template shell = /bin/bash
template homedir = /home/%U

It's a CentOS 6 System libnss_winbind is installed, I use the packages 
from the distribution. "wbinfo -u" is showing all users:
[root at samba3 ~]# wbinfo -u

A "getent passwd stka" is showing nothing. If I do a "wbinfo --verbose 
-i stka" I will see the following errormessage:
[root at samba3 ~]# wbinfo --verbose -i stka
failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
Could not get info for user stka

The user has all the required Unix attributes set in AD, also the 
default group has a UIDNumber set in AD.

On the ADDC I checked for the ypServ30 stuff:
[root at dc1 ~]# ldbsearch -H /var/lib/samba/private/sam.ldb -s base -b 
CN=ypservers,CN=ypServ30,CN=RpcServices,CN=System,DC=example,DC=net cn
# record 1
dn: CN=ypservers,CN=ypServ30,CN=RpcServices,CN=System,DC=example,DC=net
cn: ypservers

# returned 1 records
# 1 entries
# 0 referrals

What did I do wrong?


More information about the samba mailing list