[Samba] winbind question

[Steve Thompson]

I could use some input to point out the error in my configuration, which 
eludes me.

Previously I operated a 225-node cluster with samba 4.3 and sssd on the 
Linux boxes. Everything worked OK.

Now I am using samba 4.11.6 on CentOS 7.7, patched up to date. The DC, on 
a KVM VM, is the only node configured so far. I am using winbind in place 
of sssd (my first experience with winbind). BIND9_DLZ pointing to a DNS 
hosted on the same virtual box. The smb.conf is exactly as created by the 
domain provision, except that I added:

 	winbind use default domain = yes
         winbind nss info = rfc2307
 	template shell = /bin/zsh
         template homedir = /fs/home/%U

All installation tests seem to work OK. I create a group and a user 
(username smt) with samba-tool, and add the appropriate loginShell, 
unixHomeDirectory, uidNumber and gidNumber attributes. The "wbinfo -i smt" 
command gives:

 	VOYAGER\smt:*:1000:100::/fs/home/smt:/bin/zsh

while "getent passwd smt" gives:

 	VOYAGER\smt:*:1000:100::/fs/home/smt:/bin/zsh

The things that I don't understand are the absence of gecos, and the 
(uid,gid) of (1000,100). Both the uid and gid are wrong. I don't know 
where winbind is getting these values; if I modify the values in the 
database using ldbmodify and flush the winbind caches, the values returned 
by wbinfo and getent do not change from those shown above. If I change the 
template home directory, the value seen by wbinfo and getent do change as 
expected, since the DB value are evidently not used on a DC. Any pointers?

Steve
---------------------------------------------------------------------------- 
Steve Thompson E-mail:  smt AT vgersoft DOT com Voyager Software LLC Web: 
http://www DOT vgersoft DOT com 3901 N Charles St VSW Support: support AT 
vgersoft DOT com Baltimore MD 21218
   "186,282 miles per second: it's not just a good idea, it's the law"
----------------------------------------------------------------------------