Re: [Samba] Domain member server: user access
- Date: Mon, 25 Sep 2017 16:33:25 +0100
- From: Rowland Penny via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] Domain member server: user access
On Mon, 25 Sep 2017 17:10:57 +0200
"Stefan G. Weichinger via samba" <samba@xxxxxxxxxxxxxxx> wrote:
> Am 2017-09-25 um 17:04 schrieb Rowland Penny via samba:
> > How many times do I have to say this, 'wbinfo' connects directly to
> > AD. To show that your users & groups are known to Unix, you MUST use
> > 'getent'
> I am sorry.
> So you want me to do:
This is strange.
> DC # getent group "domain users"
> ARBEITSGRUPPE\domain users:x:100:
If I turn off winbind in /etc/nsswitch and run 'getent group "Domain
Users"' I get nothing returned, even though there is this in idmap.ldb
> DM # getent group "domain users"
> domain users:x:10513
Whereas with winbind in /etc/nsswitch.conf on both machines, I get the
I always set up libnss-winbind on DCs and use the 'ad' backend on Unix
domain members. So, I cannot remember if this is how a DC works if
you don't setup PAM and libnss_winbind on a DC, but I don't think it
To unsubscribe from this list go to the following URL and read the