Quantcast
Channel: openSUSE Forums
Viewing all articles
Browse latest Browse all 40713

getent group is not working

$
0
0
getent group is not working in an opensuse 13.1 member server for an active directory samba 4 domain
wbinfo -u, wbinfo -g, wbinfo -t and getent passwd | grep SIENIC are working, these are my configuration files and the output of the commands.

Note: the domain controller has samba installed from source (4.1.11), the member server has the distro packages

installed (4.1.0)


Code:

blue25:/home/SIENIC/administrator # wbinfo -u
SIENIC\administrator
SIENIC\dns-server01
SIENIC\krbtgt
SIENIC\guest


Code:

blue25:/home/SIENIC/administrator # wbinfo -g
SIENIC\allowed rodc password replication group
SIENIC\enterprise read-only domain controllers
SIENIC\denied rodc password replication group
SIENIC\read-only domain controllers
SIENIC\group policy creator owners
SIENIC\ras and ias servers
SIENIC\domain controllers
SIENIC\enterprise admins
SIENIC\domain computers
SIENIC\cert publishers
SIENIC\dnsupdateproxy
SIENIC\domain admins
SIENIC\domain guests
SIENIC\schema admins
SIENIC\domain users
SIENIC\dnsadmins


Code:

blue25:/home/SIENIC/administrator # wbinfo -t
checking the trust secret for domain SIENIC via RPC calls succeeded


Code:

blue25:/home/SIENIC/administrator # getent passwd | grep SIENIC
SIENIC\administrator:*:10000:10004:Administrator:/home/SIENIC/administrator:/bin/bash
SIENIC\dns-server01:*:10001:10004:dns-server01:/home/SIENIC/dns-server01:/bin/bash
SIENIC\krbtgt:*:10002:10004:krbtgt:/home/SIENIC/krbtgt:/bin/bash
SIENIC\guest:*:10003:10011:Guest:/home/SIENIC/guest:/bin/bash


Code:

blue25:/home/SIENIC/administrator # getent group | grep SIENIC

blue25:/home/SIENIC/administrator # getent group



/etc/nsswitch.conf

Code:

#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
#      compat                  Use compatibility setup
#      nisplus                Use NIS+ (NIS version 3)
#      nis                    Use NIS (NIS version 2), also called YP
#      dns                    Use DNS (Domain Name Service)
#      files                  Use the local files
#      [NOTFOUND=return]      Stop searching if not found so far
#
# For more information, please read the nsswitch.conf.5 manual page.
#

# passwd: files nis
# shadow: files nis
# group:  files nis

passwd:    compat winbind
group:    compat winbind

hosts:    files mdns_minimal [NOTFOUND=return] dns
networks:    files dns

services:    files
protocols:    files
rpc:    files
ethers:    files
netmasks:    files
netgroup:    files nis
publickey:    files

bootparams:    files
automount:    files nis
aliases:    files

/etc/krb5

Code:

[libdefaults]
    default_realm = SIENIC.SITE
    clockskew = 300
#    default_realm = EXAMPLE.COM

[realms]
SIENIC.SITE = {
    kdc = server01.sienic.site
    default_domain = sienic.site
    admin_server = server01.sienic.site
}
#    EXAMPLE.COM = {
#                kdc = kerberos.example.com
#        admin_server = kerberos.example.com
#    }

[logging]
    kdc = FILE:/var/log/krb5/krb5kdc.log
    admin_server = FILE:/var/log/krb5/kadmind.log
    default = SYSLOG:NOTICE:DAEMON
[domain_realm]
    .sienic.site = SIENIC.SITE
[appdefaults]
pam = {
    ticket_lifetime = 1d
    renew_lifetime = 1d
    forwardable = true
    proxiable = false
    minimum_uid = 1
}

/etc/samba/smb.conf

Code:

[global]
    workgroup = SIENIC
    passdb backend = tdbsam
    printing = cups
    printcap name = cups
    printcap cache time = 750
    cups options = raw
    map to guest = Bad User
    include = /etc/samba/dhcp.conf
    logon path = \\%L\profiles\.msprofile
    logon home = \\%L\%U\.9xprofile
    logon drive = P:
    usershare allow guests = No
    #idmap gid = 10000-20000
    #idmap uid = 10000-20000
    kerberos method = secrets and keytab
    realm = SIENIC.SITE
    security = ADS
    template homedir = /home/%D/%U
    template shell = /bin/bash
    usershare max shares = 100
    winbind offline logon = yes
    winbind refresh tickets = yes
    vfs objects = acl_xattr
    map acl inherit = yes
    store dos attributes = yes
    idmap config *:range = 50000-60000
    idmap config SIENIC:backend = ad
    idmap config SIENIC:schema_mode = rfc2307
    idmap config SIENIC:range = 10000-20000
    winbind enum users = yes
    winbind enum groups = yes


Viewing all articles
Browse latest Browse all 40713

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>