[Samba] getent not returning users/groups
Rowland Penny
rpenny at samba.org
Mon Feb 28 09:10:43 UTC 2022
On Sun, 2022-02-27 at 13:48 -0800, Michael Evans wrote:
> > -----Original Message-----
> > From: samba [mailto:samba-bounces at lists.samba.org] On Behalf Of
> > Rowland Penny via samba
> > Sent: Saturday, February 26, 2022 12:19 AM
> > To: samba at lists.samba.org
> > Subject: Re: [Samba] getent not returning users/groups
> >
> > On Fri, 2022-02-25 at 17:01 -0800, Michael Evans via samba wrote:
> > > All groups and all users must have GID and UID entries if they
> > > show
> > > up in the passwd / groups nss list.
> >
> > Only if you are using the winbind 'ad' idmap backend, which Gregory
> > isn't.
> >
> > > Please ensure that at least the user's unix UID and primary group
> > > unix Group ID are set via some method.
> >
> > Why ?
> >
>
> It was my belief this was required for the users and groups to show
> up; but
> that one method for IDs being assigned were the other, non-AD
> storage, local
> ID storage configurations.
You only need to add RFC2307 attributes if you are going to use the
winbind 'ad' idmap backend on Unix domain members, the 'autorid' and
'rid' idmap backends calculate Unix IDs from the RID.
>
> > > There probably should be a wiki page dedicated to just this
> > > issue.
> >
> > There is.
> >
> > Also, the 'enum' lines are only required for troubleshooting
> > purposes
> > (such as this) and shouldn't be in a production smb.conf.
> >
>
> How _should_ the unix IDs for users and groups that are part of the
> domain
> be exposed to the host system outside of Samba? My understanding is
> that
> this was the only way; so I've clearly misunderstood the
> documentation.
It was explained in the wiki, but someone removed it. I am working on
putting it back (when I have the time) and trying to make it clearer.
Rowland
More information about the samba
mailing list