samba - Aug 2015 - getent does not show domain user/groups

Hello,

I am running Samba 4.2.3 as a ADDC on CentOS 7.
getent passwd/group does not show the domain users and groups.

However, if I try 'getent passwd domainuser' it returns the user.
# getent passwd|grep -i guilherme
# getent passwd guilherme
guilherme:*:3000022:100:Guilherme:/home/ABC/guilherme:/bin/bash

smb.conf:
[global]
        workgroup = ABC
        realm = ABC.ONLINE
        netbios name = STEVE
        server role = active directory domain controller
        dns forwarder = 192.168.20.222
        log level = 3
        winbind enum users = yes
        winbind enum groups = yes
        winbind nss info = rfc2307
        template shell = /bin/bash

# ls -la /lib64/|grep winbind
lrwxrwxrwx   1 root root       40 Jul  7 16:07 libnss_winbind.so ->
/usr/local/samba/lib/libnss_winbind.so.2
lrwxrwxrwx   1 root root       40 Jul  7 16:07 libnss_winbind.so.2 ->
/usr/local/samba/lib/libnss_winbind.so.2

# grep -i winbind /etc/nsswitch.conf
passwd:     files sss winbind
shadow:     files sss winbind
group:      files sss winbind
hosts:      files dns myhostname winbind

# wbinfo -u|grep -i guilherme
guilherme

--

Am I missing something ?
Is this going to break anything ?

On 21/08/15 13:25, Guilherme Boing wrote:
> Hello,
>
> I am running Samba 4.2.3 as a ADDC on CentOS 7.
> getent passwd/group does not show the domain users and groups.
>
> However, if I try 'getent passwd domainuser' it returns the user.
> # getent passwd|grep -i guilherme
> # getent passwd guilherme
> guilherme:*:3000022:100:Guilherme:/home/ABC/guilherme:/bin/bash
>
> smb.conf:
> [global]
>          workgroup = ABC
>          realm = ABC.ONLINE
>          netbios name = STEVE
>          server role = active directory domain controller
>          dns forwarder = 192.168.20.222
>          log level = 3
>          winbind enum users = yes
>          winbind enum groups = yes
>          winbind nss info = rfc2307
>          template shell = /bin/bash
>
> # ls -la /lib64/|grep winbind
> lrwxrwxrwx   1 root root       40 Jul  7 16:07 libnss_winbind.so ->
> /usr/local/samba/lib/libnss_winbind.so.2
> lrwxrwxrwx   1 root root       40 Jul  7 16:07 libnss_winbind.so.2 ->
> /usr/local/samba/lib/libnss_winbind.so.2
>
> # grep -i winbind /etc/nsswitch.conf
> passwd:     files sss winbind
> shadow:     files sss winbind
> group:      files sss winbind
> hosts:      files dns myhostname winbind
>
> # wbinfo -u|grep -i guilherme
> guilherme
>
> --
>
> Am I missing something ?
Yes, getent on the DC no longer returns all users, just like it has 
never returned all groups, also the winbind lines you have added will 
not work on a DC.
> Is this going to break anything ?
No

Rowland