[Samba] ID mapping with SFU not setting shell

Rowland penny rpenny at samba.org
Sun Aug 30 09:31:13 UTC 2020

On 30/08/2020 10:12, O'Connor, Daniel via samba wrote:
> Hi,
> I'm trying to use SFU to set user IDs, shells, etc. but I can't work out the right magic - it always seems to use default template shell and home directory (but the UID seems correct)
> The global section of my smb4.conf looks like so:
> # Global parameters
> [global]
>          log level = all:2
>          netbios name = GATEWAY2
>          realm = BEGER.COM.AU
>          server role = active directory domain controller
>          workgroup = BEGER
>          server services = -dns
>          time server = yes
>          winbind nss info = sfu
>          winbind use default domain = yes
> root at gateway2:~ # getent passwd testuser
> BEGER\testuser:*:123123:20::/home/BEGER/testuser:/bin/false
> Whereas the shell should be /bin/sh and the home directory /home/testuser

No, you would like the shell to be /bin/sh and the home directory 
/home/testuser, but you have a big problem, it doesn't work like that on 
a DC :-(

Winbind only pulls ID's from AD on a DC, it ignores the shell and home 
directories. All DC's are time servers, so don't need that line and the 
two winbind lines do nothing on a DC, so you might as well remove them.


More information about the samba mailing list