[Samba] winbindd: getent passwd yields empty GECOS field
johan at hattne.se
Fri Feb 14 17:14:12 UTC 2020
On 2020-02-14 01:05, Andrew Bartlett wrote:
> On Thu, 2020-02-13 at 15:07 -0800, Johan Hattne via samba wrote:
>> Dear all;
>> I'm trying to use winbindd to resolve names in an AD setup. I can
>> authenticate just fine, but I've noticed that for some users "getent
>> passwd" returns a GECOS field populated with displayName from the LDAP
>> servers and for others is does not. For example:
>> $ getent passwd user1
>> user1:*:1111111111:2222222222:John Doe:/home/user1:/bin/bash
>> $ getent passwd user2
>> I don't see any systematic differences between users for which this
>> works and for those where it doesn't, but I would like to see the GECOS
>> populated for all users. I've seen this issue discussed in various
>> places in the past but nowhere solved, so I' hoping there's simple fix.
>> Can anyone provide insight?
> Users who we have seen a login for (and so have cached the full name)
> will get it, others we omit it due to the cost to obtain those for a
> full domain.
> The the 'samlogon cache' as a keyword to understand this more.
Ah, great! That explains it.
I'm still wondering why that cache wasn't refreshed, but that is an
entirely different problem.
// Cheers; Johan
More information about the samba