[Samba] idmap ad question
Rowland Penny
rpenny at samba.org
Mon Feb 13 18:41:32 UTC 2023
On 13/02/2023 18:26, Vaughan, Robert J via samba wrote:
> I should mention, I can ssh into the server using my AD creds and the one test share I setup also maps fine, so it all seems to be working, was just curious why 'getent passwd' does not show AD accounts
Provided that the users you want to be visible to Unix have a uidNumber
attribute containing a unique number inside the 225-999999 range and
Domain Users has a gidNumber attribute with a number inside the same
range, it should work.
For it to work, it also depends on /etc/nsswitch.conf being set up
correctly and the winbind links being set up. You have not told us what
OS you are using, but if this was Debian, it would require the
libnss-winbind and libpam-winbind packages. To configure
/etc/nsswitch.conf, you need to add 'winbind' to the 'passwd' and
'group' lines.
You could also try running 'net cache flush' just in case it is a cache
problem.
Rowland
More information about the samba
mailing list