[Samba] Surprising behavior with getent on AD service

Rowland Penny rpenny at samba.org
Wed Jan 18 21:40:00 UTC 2023



On 18/01/2023 21:12, Marc-Henri Pamiseux via samba wrote:
> Hi Rowland,
> 
> I'm really happy to talk to you again (the last time was a long time ago).
> 
> For production issues, I can't change these settings at the moment, but 
> I will soon.
> 
> On the file server, the command "getent passwd user2" gives me the 
> correct information about user2.
> But on the AD server, the command "getent passwd user2" still gives me 
> information about user1.

A couple of sanitised examples might help to understand this. From what 
you are saying, it sounds like 'getent passwd user2' is returning a line 
that starts with 'user1'

Or is that things like the 'gecos' and homedirectory are wrong, if it 
is, then that is probably because a rename doesn't rename everything.

> 
> I know 4.14 is outdated, but I can't afford to update. In this network, 
> we still have 2 Apple computers (MacOS 10.5) that use an authentication 
> via the NT1 scheme.

At the moment, Samba has removed very little of the SMBv1 code (and what 
is has, was meant for win95/98 computers), but it has turned it off. It 
doesn't take much to turn it back on, but doing so, makes your network a 
bit more insecure.

Rowland



More information about the samba mailing list