[Samba] default backend = rid not showing full group information for users

Jelle de Jong jelledejong at powercraft.nl
Fri May 1 00:00:42 UTC 2020


Hello everybody,

I am trying to use the backend = rid but it is not showing me group 
information of the users after adding the user to the domain groups...

What should I do to have the full group info for the users available?

https://wiki.samba.org/index.php/Idmap_config_rid
# All domain's user accounts and groups are automatically available on 
the domain member.

root at s4ad01:~# samba-tool group listmembers "office"
ldb_wrap open of secrets.ldb
lgaga
jdoe

root at samba01:~# wbinfo --group-info=office
office:x:11106:jdoe,lgaga

oot at samba01:~# id jdoe
uid=11157(jdoe) gid=10513(domain users) groups=10513(domain 
users),11157(jdoe),3001(BUILTIN\users)

root at samba01:~# id lgaga
uid=11155(lgaga) gid=10513(domain users) groups=10513(domain 
users),11155(lgaga),3001(BUILTIN\users)


root at samba01:~# cat /etc/samba/smb.conf
[global]
    workgroup = SAMDOM
    security = ADS
    realm = SAMDOM.POWERCRAFT.NL

    winbind refresh tickets = Yes
    vfs objects = acl_xattr
    map acl inherit = Yes
    store dos attributes = Yes

    dedicated keytab file = /etc/krb5.keytab
    kerberos method = secrets and keytab

    winbind use default domain = yes

    load printers = no
    printing = bsd
    printcap name = /dev/null
    disable spoolss = yes

    username map = /usr/local/samba/etc/user.map

    log file = /var/log/samba/%m.log
    log level = 1

    idmap config * : backend = tdb
    idmap config * : range = 3000-7999

    idmap config SAMDOM:backend = rid
#  idmap config SAMDOM:schema_mode = rfc2307
    idmap config SAMDOM:range = 10000-999999
#  idmap config SAMDOM:unix_nss_info = yes

    template shell = /bin/bash
    template homedir = /home/%U

#  idmap config SAMDOM:unix_primary_group = yes

    winbind enum users = yes
    winbind enum groups = yes
#  winbind expand groups = 1



More information about the samba mailing list