[Samba] getent not returning users/groups
Rowland Penny
rpenny at samba.org
Mon Feb 28 09:18:38 UTC 2022
On Sun, 2022-02-27 at 15:47 -0800, Michael Evans via samba wrote:
> Right, the wiki describes how to have Samba assign unix IDs for use
> within __just samba__. There are segregated pages that describe each
> different storage backend.
>
> The AD backend is the only way to ensure you have the same exact Unix
> UIDs and GIDs in use on all domain.
> The other two methods are both ways of having samba automatically
> assign those IDs and store them locally.
>
> However, that's not the current topic.
>
> What is the _correct_ way of exposing the users defined in the AD to
> unix systems? I'm confused on that, and others are too.
>
> Someone I expect knows much more about samba than I do has stated
> that winbind emum is incorrect for exposing that user and group list
> to NSS services (so that they're shown with getent passwd and getent
> group; as well as any programs that want to validate usernames /
> etc): So what should I and others do instead?
All that the 'enum' lines do is to allow nsswitch to display all users
and group, but this requires Samba to search the entire ldap and this
could be cpu extensive. Samba and the OS, will work without the 'enum'
lines.
Rowland
More information about the samba
mailing list