On Mon, 2022-02-28 at 15:42 +0000, spindles seven wrote:>
> >
>
> I must be missing something here. If what you say above is true,
> then why does the WiKi advise adding the "winbind enum" lines to
the
> smb.conf in order for the getent commands to show all AD users and
> groups?
It didn't (it seems to have been removed in the pruning of required
information), it said to only to use them for testing purposes.
> Also your other answer in this thread seems to contradict this as
> well. I certainly cannot get the list to include AD users and
> groups without the enum lines.
I doubt I said that and if you must have the 'enum' lines in smb.conf
for your Unix domain member to work, then you have something
exceedingly strangely wrong with your set up.
>
> So what settings "when set up correctly" allow getent to display
all
> users and groups (without the 'enum' lines)?
None, because you do not need them:
rowland at devstation:~$ getent passwd | grep rowland
rowland at devstation:~$
Just running the output of 'getent passwd' through grep with my name,
produces no output.
rowland at devstation:~$ getent passwd rowland
rowland:*:10000:10000:Rowland Penny:/home/rowland:/bin/bash
Yet adding my name to the getent command does.
rowland at devstation:~$ cat /etc/passwd | grep rowland
rowland at devstation:~$
My name is not in /etc/passwd
rowland at devstation:~$ cat /etc/samba/smb.conf | grep 'enum'
rowland at devstation:~$
I do not have the 'enum' lines in smb.conf, yet everything works.
Rowland