[Samba] Samba domain users AWOL from Samba file server.

Rowland penny rpenny at samba.org
Tue Oct 22 17:21:38 UTC 2019

On 22/10/2019 17:56, John Redmond via samba wrote:
> Using samba-tool on my samba DC, I created several users.  On my separate
> samba file server, joined to the domain, all the users are listed as
> belonging to Domain Users ( getent group "Domain Users").  However, several
> domain users are missing from the passwd database on the file server (i.e.,
> nothing returned when I run getent passwd user3).   Why would that be?
> Each user has its own uidNumber set using the Windows ADUC RSAT tool.
> Thank you.
> John Redmond

If you are using the 'ad' backend for the main domain on a Unix domain 
member, then you will have a line similar to this:

idmap config DOMAIN : range = 10000-199999

Provided Domain Users has a gidNumber attribute containing a number 
inside the range set in smb.conf (10000-199999 above) and the users have 
a uidNumber attribute containing a unique number in the same range, then 
they should be found by getent. Any uidNumber attributes containing 
numbers outside the range will be ignored.


More information about the samba mailing list