[Samba] wbinfo work getent passwd does
basti
mailinglist at unix-solution.de
Wed Apr 14 11:07:03 UTC 2021
users look like:
id iustest
uid=7101(NET\iustest) gid=100(users) Gruppen=100(users)
I think it should lokk like
id iustest
uid=7101(NET\iustest) gid=30000(BUILTIN\users) groups=30000(BUILTIN\users)
I have no idea where the gid 100 come from.
On 14.04.21 12:29, basti via samba wrote:
> Hello, i have the above problem again.
> getent passwd show only local users. wbinfo -u show also domain users
>
> dpkg -l | grep pam | awk '{print $2}' | xargs
> libpam-krb5:amd64 libpam-modules:amd64 libpam-modules-bin libpam-runtime
> libpam-systemd:amd64 libpam-winbind:amd64 libpam0g:amd64
>
> dpkg -l | grep nss | awk '{print $2}' | xargs
> libjansson4:amd64 libnss-systemd:amd64 libnss-winbind:amd64
> openssh-client openssh-server openssh-sftp-server openssl
>
> # /etc/nsswitch.conf
> #
> # Example configuration of GNU Name Service Switch functionality.
> # If you have the `glibc-doc-reference' and `info' packages installed, try:
> # `info libc "Name Service Switch"' for information about this file.
>
> passwd: files winbind systemd
> group: files winbind systemd
> shadow: files
> gshadow: files
>
>
> getent passwd | tail -1
> systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin
>
> wbinfo -u | tail -1
> testuser
>
>
> cat /etc/krb5.conf
> [libdefaults]
> default_realm = SAMDOM.EXAMPLE.COM
> dns_lookup_realm = false
> dns_lookup_kdc = true
>
>
>
> cat /etc/samba/smb.conf
> [global]
>
> security = ADS
> workgroup = SAMDOM
> realm = SAMDOM.EXAMPLE.COM
>
> log file = /var/log/samba/%m.log
> log level = 3
>
> idmap config * : backend = tdb
> idmap config * : range = 1000-6999
>
> # idmap config for the SAMDOM domain
> idmap config SAMDM:backend = ad
> idmap config SAMDOM:schema_mode = rfc2307
> idmap config SAMDOM:range = 7000-20000
>
> winbind enum users = yes
> winbind enum groups = yes
> winbind use default domain = yes
>
> vfs objects = acl_xattr
> map acl inherit = yes
> store dos attributes = yes
>
> # https://lists.samba.org/archive/samba/2014-August/184359.html
> winbind refresh tickets = yes
>
> dedicated keytab file = /etc/krb5.keytab
> kerberos method = secrets and keytab
>
> server role = member server
>
> ############ Misc ############
>
> load printers = no
> printing = bsd
> printcap name = /dev/null
> disable spoolss = yes
>
> ldap ssl = no
> create mask = 0777
>
>
> #======================= Share Definitions =======================
>
>
More information about the samba
mailing list