Web lists-archives.com

Re: [Samba] Samba 3.6 'getent passwd user' not working

Hi Rowland,

it's fixed, I don't know why, but I copied the smb.conf via copy and past out of my documentation, when I rewirte the parameter in smb.conf it is working. I think there was a hiden charcter wenn copy the smb.conf from y documentation. All the users are shown now with "getent passwd user".


Am 26.02.2018 17:23, schrieb Rowland Penny via samba:
On Mon, 26 Feb 2018 17:06:33 +0100
Stefan Kania via samba <samba@xxxxxxxxxxxxxxx> wrote:


I have a Samba 3.6 server (MUST stay at 3.6) and I want to user the
"ad" backend for usermapping. Here is my smb.conf:
security = ADS
workgroup = example
loglevel = 4

winbind nss info = rfc2307
winbind trusted domains only = no
winbind use default domain = yes
idmap config * : backend = tdb
idmap config * : range = 5000-7999
idmap config EXAMPLE : backend = ad
idmap config EXAMPLE : schema_mode = rfc2307
idmap config EXAMPLE : range = 100000-399999
template shell = /bin/bash
template homedir = /home/%U

It's a CentOS 6 System libnss_winbind is installed, I use the
packages from the distribution. "wbinfo -u" is showing all users:
[root@samba3 ~]# wbinfo -u

A "getent passwd stka" is showing nothing. If I do a "wbinfo
--verbose -i stka" I will see the following errormessage:
[root@samba3 ~]# wbinfo --verbose -i stka
failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
Could not get info for user stka

The user has all the required Unix attributes set in AD, also the
default group has a UIDNumber set in AD.

When you say the user has all the required Unix attributes, I take it
you mean the user has a uidNumber attribute (at least) containing a
unique number inside the 100000-399999 range and that Domain Users has
a gidNumber attribute containing a number inside the same range.

Have you added 'winbind' to the passwd & group lines
in /etc/nsswitch.conf ?

Is winbind installed ?


Stefan Kania
Landweg 13
25693 St. Michaelisdonn

Signieren jeder E-Mail hilft Spam zu reduzieren. Signieren Sie ihre E-Mail. Weiter Informationen unter http://www.gnupg.org

Mein Schlüssel liegt auf


To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba