[prev in list] [next in list] [prev in thread] [next in thread] 

List:       samba
Subject:    Re: [Samba] Samba 3.6 'getent passwd user' not working
From:       Stefan Kania via samba <samba () lists ! samba ! org>
Date:       2018-02-27 9:25:48
Message-ID: 538a83768f3aa1e7a22cef775369b98b () kania-online ! de
[Download RAW message or body]

Hi Rowland,

it's fixed, I don't know why, but I copied the smb.conf via copy and 
past out of my documentation, when I rewirte the parameter in smb.conf 
it is working. I think there was a hiden charcter wenn copy the smb.conf 
from y documentation. All the users are shown now with "getent passwd 
user".

Stefan

Am 26.02.2018 17:23, schrieb Rowland Penny via samba:
> On Mon, 26 Feb 2018 17:06:33 +0100
> Stefan Kania via samba <samba@lists.samba.org> wrote:
> 
>> Hello,
>> 
>> I have a Samba 3.6 server (MUST stay at 3.6) and I want to user the
>> "ad" backend for usermapping. Here is my smb.conf:
>> --------------
>> [global]
>> security = ADS
>> workgroup = example
>> realm = EXAMPLE.NET
>> loglevel = 4
>> 
>> winbind nss info = rfc2307
>> winbind trusted domains only = no
>> winbind use default domain = yes
>> idmap config * : backend = tdb
>> idmap config * : range = 5000-7999
>> idmap config EXAMPLE : backend = ad
>> idmap config EXAMPLE : schema_mode = rfc2307
>> idmap config EXAMPLE : range = 100000-399999
>> template shell = /bin/bash
>> template homedir = /home/%U
>> --------------
>> 
>> It's a CentOS 6 System libnss_winbind is installed, I use the
>> packages from the distribution. "wbinfo -u" is showing all users:
>> --------------
>> [root@samba3 ~]# wbinfo -u
>> administrator
>> tuser
>> dns-dc1
>> krbtgt
>> guest
>> stka
>> --------------
>> 
>> A "getent passwd stka" is showing nothing. If I do a "wbinfo
>> --verbose -i stka" I will see the following errormessage:
>> --------------
>> [root@samba3 ~]# wbinfo --verbose -i stka
>> failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
>> Could not get info for user stka
>> --------------
>> 
>> The user has all the required Unix attributes set in AD, also the
>> default group has a UIDNumber set in AD.
> 
> When you say the user has all the required Unix attributes, I take it
> you mean the user has a uidNumber attribute (at least) containing a
> unique number inside the 100000-399999 range and that Domain Users has
> a gidNumber attribute containing a number inside the same range.
> 
> Have you added 'winbind' to the passwd & group lines
> in /etc/nsswitch.conf ?
> 
> Is winbind installed ?
> 
> Rowland

-- 
Stefan Kania
Landweg 13
25693 St. Michaelisdonn


Signieren jeder E-Mail hilft Spam zu reduzieren. Signieren Sie ihre 
E-Mail. Weiter Informationen unter http://www.gnupg.org

Mein Schlüssel liegt auf

hkp://subkeys.pgp.net

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
[prev in list] [next in list] [prev in thread] [next in thread]