[Samba] wbinfo work getent passwd does

basti mailinglist at unix-solution.de
Wed Apr 14 10:29:35 UTC 2021 

Hello, i have the above problem again.
getent passwd show only local users. wbinfo -u show also domain users

dpkg -l | grep pam | awk '{print $2}' | xargs
libpam-krb5:amd64 libpam-modules:amd64 libpam-modules-bin libpam-runtime 
libpam-systemd:amd64 libpam-winbind:amd64 libpam0g:amd64

dpkg -l | grep nss | awk '{print $2}' | xargs
libjansson4:amd64 libnss-systemd:amd64 libnss-winbind:amd64 
openssh-client openssh-server openssh-sftp-server openssl

# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.

passwd:         files winbind systemd
group:          files winbind systemd
shadow:         files
gshadow:        files


getent passwd | tail -1
systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin

wbinfo -u | tail -1
testuser


cat /etc/krb5.conf
[libdefaults]
	default_realm = SAMDOM.EXAMPLE.COM
	dns_lookup_realm = false
     	dns_lookup_kdc = true



cat /etc/samba/smb.conf
[global]

    security = ADS
    workgroup = SAMDOM
    realm = SAMDOM.EXAMPLE.COM

    log file = /var/log/samba/%m.log
    log level = 3

    idmap config * : backend = tdb
    idmap config * : range = 1000-6999

    # idmap config for the SAMDOM domain
    idmap config SAMDM:backend = ad
    idmap config SAMDOM:schema_mode = rfc2307
    idmap config SAMDOM:range = 7000-20000

     winbind enum users = yes
     winbind enum groups = yes
     winbind use default domain = yes

     vfs objects = acl_xattr
     map acl inherit = yes
     store dos attributes = yes

     # https://lists.samba.org/archive/samba/2014-August/184359.html
     winbind refresh tickets = yes

     dedicated keytab file = /etc/krb5.keytab
     kerberos method = secrets and keytab

     server role = member server

     ############ Misc ############

     load printers = no
     printing = bsd
     printcap name = /dev/null
     disable spoolss = yes

     ldap ssl = no
     create mask = 0777


#======================= Share Definitions =======================

More information about the samba mailing list