[Samba] getent shows only local entries.
Daniel Lang
spaci76 at gmail.com
Sun Jan 26 09:37:46 UTC 2020
Hello,
i installed a fresh Version as AD DC Domain under Debian Bullseye with
Version 4.11.3, this works perfectly. Windows Machines can be sign into the
Domain. Now i create a Fileserver as Domainmember for Service e.g. Profil
and Shares. The Domainjoin succeeded. wbinfo -u shows the AD User, also
wbinfo -g but, i can't retrieve User and Groups with ad Backend. getent
shows only local entries. Both Machines run into an unprivileged LXC
Container. The timing coordinates by Host and are right.
Here are my both configuration files:
krb5.conf
[libdefaults]
default_realm = INTERN.EXAMPLE.DE
dns_lookup_realm = false
dns_lookup_kdc = true
smb.conf
# Global parameters
[global]
dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and keytab
realm = INTERN.EXAMPLE.DE
security = ADS
server min protocol = SMB2
winbind enum groups = Yes
winbind enum users = Yes
winbind refresh tickets = Yes
workgroup = INTERN
idmap config intern:range = 10000-999999
idmap config intern:schema_mode = rfc2307
idmap config intern:backend = ad
idmap config *:range = 3000-7999
idmap config * : backend = tdb
map acl inherit = Yes
vfs objects = acl_xattr
The winbindd service started correctly.
winbindd version 4.11.3-Debian started.
Copyright Andrew Tridgell and the Samba Team 1992-2019
[2020/01/26 08:46:50.212310, 0]
../../source3/winbindd/winbindd_cache.c:3164(initialize_winbindd_cache)
initialize_winbindd_cache: clearing cache and re-creating with version
number 2
[2020/01/26 08:46:50.213156, 0]
../../lib/util/become_daemon.c:135(daemon_ready)
daemon_ready: daemon 'winbindd' finished starting up and ready to serve
connections
I am grateful for any suggestion.
Best regards
Daniel
More information about the samba
mailing list