Web lists-archives.com

Re: [Samba] AD Domain member - getent passwd truncated to only 18 users




Em 12/12/2018 17:39, Rowland Penny via samba escreveu:
The above lines are only applicable for Samba >= 4.6.0
Add: winbind nss info = rfc2307
remove the last two lines, see here for more info:

https://wiki.samba.org/index.php/Idmap_config_ad

Oh, God! Vacation is coming... Thank you for such obvious correction.

BUT

I edited smb.conf the right way, removed winbindd_idmap.tdb and winbindd_cache.tdb and restarted daemons. Now I get rfc2307 info from AD and not from template. And still, 'getent passwd' returns only 18 accounts from AD.

root@marte:~# cat /etc/samba/smb.conf
[global]
    security = ADS
    netbios name = Marte
    realm = AD.TLD

    workgroup = A1

    log file = /var/log/samba/%m.log
    log level = 1

    winbind use default domain = yes
    idmap config * : backend = tdb
    idmap config * : range = 70000-70999

    idmap config A1 :backend = ad
    idmap config A1 :schema_mode = rfc2307
    idmap config A1 :range = 500-65300
    # idmap config A1 :unix_nss_info = yes
    # idmap config A1 :unix_primary_group = yes

    username map = /etc/samba/user.map

    local master = no
    domain master = no
    preferred master = no
    dns proxy = no
    encrypt passwords = yes
    winbind use default domain = yes
    winbind offline logon = false
    winbind nss info = rfc2307
    winbind separator = +
    winbind enum users = Yes
    winbind enum groups = Yes
    password server = eucalipto.ad.TLD
root@marte:~#


--
*Marcio Merlone*
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba