[Samba] DNS problems (still) with Linux domain members - using Samba's internal DNS backend

Gary Dale gary at extremeground.com
Wed Apr 26 17:27:00 UTC 2023

On 2023-04-26 11:34, Rowland Penny via samba wrote:
> On 26/04/2023 16:24, Gary Dale via samba wrote:
>> Further to above, I tried the testing it suggested and got this:
>> root at transponder:~# wbinfo -g
>> domain controllers
>> domain computers
>> group policy creator owners
>> dnsadmins
>> denied rodc password replication group
>> protected users
>> schema admins
>> read-only domain controllers
>> enterprise admins
>> allowed rodc password replication group
>> domain admins
>> ras and ias servers
>> enterprise read-only domain controllers
>> dnsupdateproxy
>> cert publishers
>> domain guests
>> domain users
>> root at transponder:~# wbinfo -u
>> krbtgt
>> gary
>> guest
>> administrator
>> which clearly are from the domain - I don't have a local user named 
>> "gary", for example. However the getent tests only show the local 
>> users, which is also what I get when I use it to find domain users - 
>> it fails to find them.
> Have you been running commands such as 'getent passwd' and 'getent 
> group' and not getting any domain users or groups ?
> If so, this is by design, try something like 'getent passwd gary'
> Rowland
No. I am running the tests suggested by the various Samba wiki pages. I 
can do a getent passwd <local account> on my workstation and on my file 
& print server but I can't do a getent passwd <domain account> except on 
my DC. I explicitly showed that in the message before the one you 
replied to. I also showed how I can't do a login to a domain account 
except on the DC.

This failure to get domain account information seems likely to be at the 
heart of the problems I'm having.

More information about the samba mailing list