[Samba] Domain admins group missing from domain member
Roy Eastwood
spindles7 at gmail.com
Sun Dec 13 09:12:50 UTC 2020
> Hi all,
> I'm having a strange issue with one of my samba domains that I hope you can help with.
> Simply put, getent group|grep "domain admins" returns (as expected) domain admins:x:3000061:on both my DC's , but comes out
> empty on both linux domain members.
[snip]
getent group will not show the AD groups unless the line:
winbind enum groups = yes
is in the global section of smb.conf. Similarly getent users will not show the users in AD without the line:
winbind enum users = yes
in smb.conf.
Try getent group "domain admins" - it should give you the appropriate output.
Not sure why it works on the DCs though without the above lines in smb.conf though.
HTH
Roy
More information about the samba
mailing list