[Samba] Winbind does not show all groups of all users
Dipl.-Ing. Péter Varkoly
peter at varkoly.de
Mon Mar 16 14:21:09 UTC 2020
Hi!
I'm using 4.10.13 as AD and have the issue that winbind does not show
correct the group membership of some users. # Global
parameters[global] ldap server require strong auth =
no netbios name = admin realm =
XXXX.LOKAL workgroup = XXXX dns forwarder =
8.8.8.8 server role = active directory domain
controller idmap_ldb:use rfc2307 = Yes winbind enum users
= No winbind enum groups = No wide links =
Yes unix extensions = No
bind interfaces only = yes interfaces = 127.0.0.1,
172.16.0.2 ntlm auth = yes template shell = /bin/bash
socket options = TCP_NODELAY TCP_KEEPIDLE=240 TCP_KEEPCNT=4
TCP_KEEPINTVL=15
For examle the user sta is member of the group 10A:ldbsearch -H
/var/lib/samba/private/sam.ldb CN=10A | grep stainstanceType: 4member:
CN=sta,OU=teachers,DC=xxxxx,DC=lokal
ldbsearch -H /var/lib/samba/private/sam.ldb CN=sta | grep 10AmemberOf:
CN=10A,CN=Users,DC=xxxxx,DC=lokal
But id does not show this:uid=4000821(XXXXX\sta) gid=100(users)
Gruppen=100(users),4000005(XXXXX\teachers),4001457(XXXXXX\erdkunde),300
0009(BUILTIN\users)
And:wbinfo --user-groups sta100400000540014573000009
What is wrong with this user??The most of the user have not this
problem.
Regards.
--
Dipl.-Ing. Péter Varkoly
Greuleinweg 37.
D-90411 Nürnberg
More information about the samba
mailing list