[Samba] Issue when adding an user to group

Oliver Werner oliver.werner at kontrast.de
Tue Mar 20 10:02:46 UTC 2018

Hello everybody,

we have an issue with our samba instance of ad member  as fileserver

when i add an user to a group it will adding the user without problems.

i can verify on our two domain controller that the user is in the group with wbinfo -r <user>

Now when i will check it on the member (fileserver) the user will not in the group.

Anyone has an idea what we’ve misconfigured?

Our DCs and Member running on Samba 4.7.6

Here is the configuration of our fileserver

       netbios name = FILE1
       security = ADS
       workgroup = HQ
       realm = HQ.LOCAL

       dedicated keytab file = /etc/krb5.keytab
       kerberos method = secrets and keytab

       winbind trusted domains only = no
       winbind use default domain = yes
       winbind enum users  = yes
       winbind enum groups = yes
       winbind cache time = 300
		 winbind refresh tickets = yes

       # Default idmap config used for BUILTIN and local accounts/groups
       idmap config *:backend = tdb
       idmap config *:range = 500-1023

       # idmap config for domain HQ
       idmap config HQ:backend = ad
       idmap config HQ:schema_mode = rfc2307
       idmap config HQ:range = 1024-99999

       # Use settings from AD for login shell and home directory
       winbind nss info = rfc2307

kind regards
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.samba.org/pipermail/samba/attachments/20180320/c24323d2/signature.sig>

More information about the samba mailing list