Web lists-archives.com

Re: [Samba] AD Domain member - getent passwd truncated to only 18 users




On Thu, 13 Dec 2018 10:32:04 -0200
Marcio Vogel Merlone dos Santos via samba <samba@xxxxxxxxxxxxxxx> wrote:

> Em 12/12/2018 17:39, Rowland Penny via samba escreveu:
> > The above lines are only applicable for Samba >= 4.6.0
> > Add: winbind nss info = rfc2307
> > remove the last two lines, see here for more info:
> >
> > https://wiki.samba.org/index.php/Idmap_config_ad
> 
> Oh, God! Vacation is coming... Thank you for such obvious correction.
> 
> BUT
> 
> I edited smb.conf the right way, removed winbindd_idmap.tdb and 
> winbindd_cache.tdb and restarted daemons. Now I get rfc2307 info from
> AD and not from template. And still, 'getent passwd' returns only 18 
> accounts from AD.
> 
> root@marte:~# cat /etc/samba/smb.conf
> [global]
>      security = ADS
>      netbios name = Marte
>      realm = AD.TLD
> 
>      workgroup = A1
> 
>      log file = /var/log/samba/%m.log
>      log level = 1
> 
>      winbind use default domain = yes
>      idmap config * : backend = tdb
>      idmap config * : range = 70000-70999
> 
>      idmap config A1 :backend = ad
>      idmap config A1 :schema_mode = rfc2307
>      idmap config A1 :range = 500-65300
>      # idmap config A1 :unix_nss_info = yes
>      # idmap config A1 :unix_primary_group = yes
> 
>      username map = /etc/samba/user.map
> 
>      local master = no
>      domain master = no
>      preferred master = no
>      dns proxy = no
>      encrypt passwords = yes
>      winbind use default domain = yes
>      winbind offline logon = false
>      winbind nss info = rfc2307
>      winbind separator = +
>      winbind enum users = Yes
>      winbind enum groups = Yes
>      password server = eucalipto.ad.TLD
> root@marte:~#
> 
> 

Do all your users have a uidNumber attribute ?
Have you done anything strange, such as changing the users primary
group ID ?

It should work (well it does for me)

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba