System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

"wbinfo -u" works but "getent passwd" does not

 
Firebird_1
Occasional Contributor

"wbinfo -u" works but "getent passwd" does not

Hi,

First off thanks for viewing this and offering suggestions.

What I can do:

authenticate via kerberos
join the ADS domain
=> gives message "Joined SERVER to MYDOMAIN"
run wbinfo -u & -g
=> returns full list of AD users & groups

What seems odd:

wbinfo -m does not return the name of the default domain in any of my config files

What I can't do:

running getent passwd does not return AD users, only local users

My nsswitch.conf file:
passwd: files winbind
shadow: files winbind
group: files winbind

ethers: files
netmasks: files
networks: files
protocols: files winbind
rpc: files
services: files winbind

netgroup: files winbind

publickey: nisplus

automount: files winbind
aliases: files nisplus

My smb.conf file:
workgroup = MYWORKGROUP
realm = MYDOMAIN
security = ads

password server = 192.168.111.2
server string = Linux Server

#Samba Performance
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
client schannel = no


preferred master = no
log level = 3
log file = /var/log/samba/%m.log
max log size = 50
printcap name = cups
printing = cups

# Winbind Settings
winbind separator = +
winbind use default domain = yes
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
winbind cache time = 10
pass db backend = tdbsam

template shell = /bin/bash
pam password change = yes

template homedir = /home/mydomain/%U

server signing = auto
wins server = 192.168.111.2

dns proxy = no
[samba]
comment = My Samba Share

path = /shares/samba

writeable = yes

[homes]
comment = Home Directories
path = /home/mydomain/%U
root preexec = usr/local/sbin/mkhomedir.sh %U
valid users = %S
writeable = yes

[printers]
comment = All Printers
path = /car/spool/cups
browseable = no
printable = yes
guest ok = yes

[schema]
comment = V8 Schema
path = /var/www/html/schema
writeable = yes
guest ok = yes

of course MYWORKGROUP refers to the name of the workgroup in use and MYDOMAIN refers to the Domain with the ADS.

Any ideas on this one?
From what I've seen, it's most commonly a nsswitch.conf fie problem but I've tripple checked that.

Thanks for your help.
1 REPLY
Firebird_1
Occasional Contributor

Re: "wbinfo -u" works but "getent passwd" does not

Amazingly enough this obscure little site gave me the answer. I'll paste the URL below so that anyone that encounters the same problem can find the solution. Somehow the Winbind Daemon got "confused."


http://www.aerospacesoftware.com/LinuxActiveDirectory.html