hi everyone> Yes, but you can add these two lines to smb.conf: > > winbind enum users = yes > winbind enum groups = yes > > This will allow getent to list all users and groups, but is not > recommended if you have a lot of users. > > Rowlandthanks the dc's now lists all the domain users and groups. the domain users gid is correct on both dc's the uid for nfs-mgr which i changed on dc1 to 10005 are different dc1 shows TISSISAT\nfs-mgr:*:10005:20513::/home/TISSISAT/nfs-mgr:/bin/false dc2 shows TISSISAT\nfs-mgr:*:3000022:20513::/home/TISSISAT/nfs-mgr:/bin/false i use osync to replicate between the dc's, should the uid be in sync ?> Subject: > Re: [Samba] getent not displaying builtin groups or users > From: > "Micha Ballmann" <ballmann at uni-landau.de> > Date: > 03/11/16 21:16 > > To: > <samba at lists.samba.org> > > > I got a similar issue. This solved my problem: > > https://wiki.samba.org/index.php/Libnss_winbind_Links > > >libnss winbind links are :- uname -a Linux tardis 4.4.28-1-ARCH #1 SMP Fri Oct 28 19:13:11 MDT 2016 armv7l GNU/Linux smbd -b | grep LIBDIR LIBDIR: /usr/lib ls -al /usr/lib/libnss_winbind* lrwxrwxrwx 1 root root 19 Oct 27 09:17 /usr/lib/libnss_winbind.so -> libnss_winbind.so.2 -rwxr-xr-x 1 root root 13708 Oct 27 09:17 /usr/lib/libnss_winbind.so.2 ls -al /lib/libnss_winbind* lrwxrwxrwx 1 root root 19 Oct 27 09:17 /lib/libnss_winbind.so -> libnss_winbind.so.2 -rwxr-xr-x 1 root root 13708 Oct 27 09:17 /lib/libnss_winbind.so.2 afaics the library and links are there. shadrock
On Fri, 4 Nov 2016 10:05:15 +0000 niya levi via samba <samba at lists.samba.org> wrote:> hi everyone > > > Yes, but you can add these two lines to smb.conf: > > > > winbind enum users = yes > > winbind enum groups = yes > > > > This will allow getent to list all users and groups, but is not > > recommended if you have a lot of users. > > > > Rowland > thanks the dc's now lists all the domain users and groups. > > the domain users gid is correct on both dc's > > the uid for nfs-mgr which i changed on dc1 to 10005 are different > > dc1 shows > > TISSISAT\nfs-mgr:*:10005:20513::/home/TISSISAT/nfs-mgr:/bin/false > > dc2 shows > > TISSISAT\nfs-mgr:*:3000022:20513::/home/TISSISAT/nfs-mgr:/bin/false > > i use osync to replicate between the dc's, should the uid be in sync ? >Yes, but nothing to do with osync or sysvol. If you give a user a uidNumber, it should be used instead of the xidNumber (10005 uidNumber, 3000022 = xidNumber) and the uidNumber should be replicated to all DCs. Try running 'net cache flush' on dc2, this may fix your problem, if it doesn't, check on each DC that replication is working. Rowland