[Samba] getenv does not return any AD DOMAIN users or groups - ?nsswitch is not setup for Samba?
Barry D. Adkins
Barry at daram.com
Sun Nov 18 01:31:14 UTC 2018
> idmap config DOMAIN : range = 50000-1000000
>>Does the 'Domain Users' group have a gidNumber attribute containing a
>>number inside the range above ?
>>Do your users have a uidNumber attribute containing a unique number
>>inside the same range ?
Well, I'm not certain. I used Windows System tools to examine SIDs on the Domain Controller, but I have not found how or for sure if a SID can be converted to a UID.
To be clear, getent passwd reports many entries, but NONE from Active Directory, same for groups.
This whole "exercise" was begun because of the failure of this command:
chown root:"Domain Admins" /srv/samba/filestore/
chown: invalid group: 'root:Domain Admins'
I created /srv/samba/filestore/ to share, and in fact it is shared, but I have not been able to set permissions per this WIKI:
Manpage for wbinfo
Convert a SID to a UNIX user id. If the SID does not correspond to a UNIX user mapped
by winbindd(8) then the operation will fail.
I used the wbinfo command with a SID from a domain user. It fails which seems to confirm that there is some missing link with winbindd as mentioned on the man page.
failed to call wbcStringToSid: WBC_ERR_INVALID_SID
could not convert sid S-1-5-21-346857055-4299993622516-4263914971-1113 to uid
More information about the samba