[Samba] Samba 3.6 'getent passwd user' not working

Stefan Kania stefan at kania-online.de
Tue Feb 27 09:25:48 UTC 2018 

Hi Rowland,

it's fixed, I don't know why, but I copied the smb.conf via copy and 
past out of my documentation, when I rewirte the parameter in smb.conf 
it is working. I think there was a hiden charcter wenn copy the smb.conf 
from y documentation. All the users are shown now with "getent passwd 
user".

Stefan

Am 26.02.2018 17:23, schrieb Rowland Penny via samba:
> On Mon, 26 Feb 2018 17:06:33 +0100
> Stefan Kania via samba <samba at lists.samba.org> wrote:
> 
>> Hello,
>> 
>> I have a Samba 3.6 server (MUST stay at 3.6) and I want to user the
>> "ad" backend for usermapping. Here is my smb.conf:
>> --------------
>> [global]
>> security = ADS
>> workgroup = example
>> realm = EXAMPLE.NET
>> loglevel = 4
>> 
>> winbind nss info = rfc2307
>> winbind trusted domains only = no
>> winbind use default domain = yes
>> idmap config * : backend = tdb
>> idmap config * : range = 5000-7999
>> idmap config EXAMPLE : backend = ad
>> idmap config EXAMPLE : schema_mode = rfc2307
>> idmap config EXAMPLE : range = 100000-399999
>> template shell = /bin/bash
>> template homedir = /home/%U
>> --------------
>> 
>> It's a CentOS 6 System libnss_winbind is installed, I use the
>> packages from the distribution. "wbinfo -u" is showing all users:
>> --------------
>> [root at samba3 ~]# wbinfo -u
>> administrator
>> tuser
>> dns-dc1
>> krbtgt
>> guest
>> stka
>> --------------
>> 
>> A "getent passwd stka" is showing nothing. If I do a "wbinfo
>> --verbose -i stka" I will see the following errormessage:
>> --------------
>> [root at samba3 ~]# wbinfo --verbose -i stka
>> failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
>> Could not get info for user stka
>> --------------
>> 
>> The user has all the required Unix attributes set in AD, also the
>> default group has a UIDNumber set in AD.
> 
> When you say the user has all the required Unix attributes, I take it
> you mean the user has a uidNumber attribute (at least) containing a
> unique number inside the 100000-399999 range and that Domain Users has
> a gidNumber attribute containing a number inside the same range.
> 
> Have you added 'winbind' to the passwd & group lines
> in /etc/nsswitch.conf ?
> 
> Is winbind installed ?
> 
> Rowland

-- 
Stefan Kania
Landweg 13
25693 St. Michaelisdonn


Signieren jeder E-Mail hilft Spam zu reduzieren. Signieren Sie ihre 
E-Mail. Weiter Informationen unter http://www.gnupg.org

Mein Schlüssel liegt auf

hkp://subkeys.pgp.net

More information about the samba mailing list