Hello,
I'm bringing up a AD domain member server on RHEL 7.4 which provides
packages with samba 4.6.2. I've joined the domain and cannot seem to get
this command to provide a list of group members:
getent group adgroupname
what comes back is just
adgroupname:x:gid:
On another machine running RHEL 6.8, the same getent returns a full listing:
adgroupname:*:gid:user1,user2,user3,etc
id username
does return a nice listing of all the groups a particular user is a member
of.
Any clues on what I might be missing here?
Thanks.
/etc/nsswitch.conf:
passwd: files winbind
group: files winbind
smb.conf :
[global]
security = ADS
workgroup = SAMDOM
realm = SAMDOM.X.Y
server string = Samba Server Version %v
netbios name = ads-name
username map = /etc/samba/smbusers
idmap config * : backend = tdb
idmap config * : range = 3000-7999
idmap config SAMDOM : backend = rid
idmap config SAMDOM : range = 10000-10000000
idmap config SAMDOM : base_rid = 0
client signing = required
server signing = auto
client ipc signing = required
;winbind enum users = no
;winbind enum groups = no
winbind use default domain = yes
winbind offline logon = false
winbind nested groups = yes
encrypt passwords = yes
client use spnego = yes
client lanman auth = no
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
