[Samba] Winbind missing secondary groups
Luc Lalonde
Luc.Lalonde at polymtl.ca
Wed Jul 27 18:58:11 UTC 2022
Hello,
I can't seem to get a user's secondary groups to show up...
Here are the pertinent lines in my configuration:
### /etc/nsswitch.conf ###
passwd: files winbind
shadow: files
group: files winbind
initgroups: files
hosts: files dns
####################
### /etc/samba/smb.conf ###
idmap config *:backend = tdb
idmap config *:range = 200-999
idmap config EXAMPLE:backend = ad
idmap config EXAMPLE:schema_mode = rfc2307
idmap config EXAMPLE:range = 1000-999999
idmap config EXAMPLE : read only = yes
idmap config EXAMPLE : unix_nss_info = yes
idmap config EXAMPLE : unix_primary_group = yes
winbind nss info = rfc2307
winbind use default domain = yes
winbind expand groups = 3
winbind refresh tickets = Yes
winbind enum groups = Yes
winbind enum users = Yes
#####################
Here's what I get:
[llalonde at moe5 ~]$ id
uid=12690(llalonde) gid=7006(foo) groups=7006(foo)
[llalonde at moe5 ~]$ getent group admingroup
admingroup:x:8000:llalonde,sccmadmin
On another Linux client using SSSD, here's what I get:
uid=12690(llalonde) gid=7006(foo) groups=7006(foo),8000(admingroup)
What am I missing? I think that this is the last missing detail before
I drop SSSD.
--
Luc Lalonde, analyste
-----------------------------
Département de génie informatique:
École polytechnique de MTL
(514) 340-4711 x5049
Luc.Lalonde at polymtl.ca
-----------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20220727/eb24e611/OpenPGP_signature.sig>
More information about the samba
mailing list