[Samba] winbindd: getent passwd yields empty GECOS field

Rowland penny rpenny at samba.org
Fri Feb 14 08:11:16 UTC 2020 

On 13/02/2020 23:07, Johan Hattne via samba wrote:
> Dear all;
>
> I'm trying to use winbindd to resolve names in an AD setup.  I can 
> authenticate just fine, but I've noticed that for some users "getent 
> passwd" returns a GECOS field populated with displayName from the LDAP 
> servers and for others is does not.  For example:
>
>   $ getent passwd user1
>   user1:*:1111111111:2222222222:John Doe:/home/user1:/bin/bash
>   $ getent passwd user2
>   user2:*:3333333333:2222222222::/home/user2:/bin/bash
>
> I don't see any systematic differences between users for which this 
> works and for those where it doesn't, but I would like to see the 
> GECOS populated for all users.  I've seen this issue discussed in 
> various places in the past but nowhere solved, so I' hoping there's 
> simple fix. Can anyone provide insight?
>
> Full smb.conf below (the Time Machine stuff is probably irrelevant, 
> but included for completeness); this is using the buster-samba410 
> packages from https://apt.van-belle.nl/debian.
>
> [global]
>         client signing = required
>         load printers = No
>         local master = No
>         log file = /var/log/samba/log.%m
>         max log size = 1000
>         mdns name = mdns
>         realm = AD.EXAMPLE.COM
>         security = ADS
>         server min protocol = SMB2
>         server signing = required
>         server string = Samba %v (%h)
>         template homedir = /home/%U
>         template shell = /bin/bash
>         winbind use default domain = Yes
>         workgroup = AD
>         fruit:copyfile = yes
>         idmap config * : rangesize = 1000000
>         idmap config * : range = 1734200000 - 1999999999
>         idmap config * : backend = autorid
>         use sendfile = Yes
>         vfs objects = catia fruit streams_xattr
>
>
> [time_machine]
>         comment = Time Machine (%h)
>         path = /var/time_machine/%U
>         read only = No
>         valid users = "@AD.EXAMPLE.COM\mygroup"
>         fruit:model = RackMac
>         fruit:encoding = native
>         fruit:time machine max size = 1024G
>         fruit:time machine = yes
>
> // Best wishes; Johan
>
Have you actually populated all the users 'gecos' attributes ?

Rowland

More information about the samba mailing list