[Samba] winbindd: getent passwd yields empty GECOS field

Christopher Cox chriscox at endlessnow.com
Thu Feb 13 23:33:41 UTC 2020 

On 2/13/20 5:07 PM, Johan Hattne via samba wrote:
> Dear all;
> 
> I'm trying to use winbindd to resolve names in an AD setup.  I can 
> authenticate just fine, but I've noticed that for some users "getent 
> passwd" returns a GECOS field populated with displayName from the LDAP 
> servers and for others is does not.  For example:
> 
>    $ getent passwd user1
>    user1:*:1111111111:2222222222:John Doe:/home/user1:/bin/bash
>    $ getent passwd user2
>    user2:*:3333333333:2222222222::/home/user2:/bin/bash

I also see this problem.  Haven't figured out what's in common to make 
or not make the displayname show up.  There for some and not for others.

> 
> I don't see any systematic differences between users for which this 
> works and for those where it doesn't, but I would like to see the GECOS 
> populated for all users.  I've seen this issue discussed in various 
> places in the past but nowhere solved, so I' hoping there's simple fix. 
> Can anyone provide insight?
> 
> Full smb.conf below (the Time Machine stuff is probably irrelevant, but 
> included for completeness); this is using the buster-samba410 packages 
> from https://apt.van-belle.nl/debian.
> 
> [global]
>          client signing = required
>          load printers = No
>          local master = No
>          log file = /var/log/samba/log.%m
>          max log size = 1000
>          mdns name = mdns
>          realm = AD.EXAMPLE.COM
>          security = ADS
>          server min protocol = SMB2
>          server signing = required
>          server string = Samba %v (%h)
>          template homedir = /home/%U
>          template shell = /bin/bash
>          winbind use default domain = Yes
>          workgroup = AD
>          fruit:copyfile = yes
>          idmap config * : rangesize = 1000000
>          idmap config * : range = 1734200000 - 1999999999
>          idmap config * : backend = autorid
>          use sendfile = Yes
>          vfs objects = catia fruit streams_xattr
> 
> 
> [time_machine]
>          comment = Time Machine (%h)
>          path = /var/time_machine/%U
>          read only = No
>          valid users = "@AD.EXAMPLE.COM\mygroup"
>          fruit:model = RackMac
>          fruit:encoding = native
>          fruit:time machine max size = 1024G
>          fruit:time machine = yes
> 
> // Best wishes; Johan
>

More information about the samba mailing list