[Samba] getent passwd no domainusers
basti.mueller31 at web.de
basti.mueller31 at web.de
Sat Oct 6 15:15:01 UTC 2018
Hi,
I just want to add a linux machine to my samba 4 ad. Its a debian stretch and I installed the following packages:apt-get install winbind libpam-winbind libnss-winbind libpam-krb5 krb5-config krb5-user samba attr ... My machine-configs:
nsswitch.conf:
passwd: files winbind
group: files winbind
shadow: compat
gshadow:files
hosts: files mdns4_minimal [NOTFOUND=return] dns myhostname
network:files
protocols:db files
services: db files
ethers:db files
rpc: db files
netgroup: nis
krb5.conf:
[libdefaults]
default_realm = EXAMPLE.COM
dns_lookup_realm = false
dns_lookup_kdc = true
smb.conf:
[global]
security = ADS
workgroup = EXAMPLE
realm = EXAMPLE.COM
log file = /var/log/samba/%m.log
log level = 1
template shell = /bin/bash
template homedir = /home/%U
winbind nss info = rfc2307
winbind use default domain = yes
winbind offline logon = yes
winbind normalize names = yes
winbind refresh tickets = yes
winbind enum users = yes
winbind enum groups = yes
winbind cache time = 60
winbind nss info = rfc2307
idmap config * : backend = tdb
idmap config * : range = 3000-7999
idmap config EXAMPLE : backend = ad
idmap config EXAMPLE : schema_mode = rfc2307
idmap config EXAMPLE : range = 10000-999999
resolv.conf:
search example.com
nameserver 192.168.2.2
my ad smb.conf:
[global]
netbios name = PDC
realm = EXAMPLE.COM
workgroup = EXAMPLE
server role = active directory domain controller
bind interfaces only = yes
interfaces = br0
idmap_ldb:use rfc2307 = yes
template shell = /bin/bash
template homedir= /home/%U
dns forwarder = 8.8.8.8
ldap server require strong auth = no
winbind enum users = yes
winbind enum groups = yes
winbind cache time = 10
winbind offline logon = yes
allow dns updates = nonsecure and secure
log file = /var/log/samba/%m.log
max log size = 10000
log level = 1
"wbinfo --ping" shows checking the NETLOGON for domain[EXAMPLE] dc connection to "pdc.example.com" succeeded.
"wbinfo -u" show me all domain users
"wbinfo -g" show me all domain groups
"getent group" shows me all local AND domain groups...
BUT getent passwd is only show my local users... not my domain users..
What could be the reason for that?
More information about the samba
mailing list