FreeBSD samba+winbind

Timur I. Bakeyev timur at
Tue Nov 30 17:06:04 UTC 2010

Hi, Ivo!

Just a wild guess - could it be the result of moving lockdir in
Samba3.5 port from /var/db/samba34 back to /var/db/samba ? Can you
check, that, by renaming appropriate directory?


On Mon, Nov 22, 2010 at 10:15 PM, Ivo Karabojkov <ivo at> wrote:
> Perhaps I couldn't get any attention with my problem or I couldn't explain it
> in enough details.
> As you probably read, IDMapping works OK. It seems that my problem occurs in
> nsswitch. In my /etc/nsswitch.conf I have:
> group: files winbind
> #group_compat: nis
> hosts: files dns
> networks: files
> passwd: files winbind
> #passwd_compat: nis
> shells: files
> services: compat
> services_compat: nis
> protocols: files
> rpc: files
> wbinfo -u / -g / -i DOMAIN_user works OK.
> Name service switch works almost OK, since system utilities like id, pw
> /usershow/, chown, ls resolve domain usernames <-> IDMapped UIDs OK.
> But getent passwd and getent group return only local (system) users /groups.
> Any clue how to make this work too?
> Ivo Karabojkov wrote:
>> Dear Sirs,
>> I am having troubles with IDMapping users from Server 2003 AD to my
>> FreeBSD 8.1 Samba 3.5.
>> Well, most of Samba documentation should be considered outdated, I had
>> total failure with RID backend for IDMap. The only working (so far) for me
>> is the default: tdb.
>> I have set nsswitch.conf, pam.d and so on correctly.
>> And here is my problem: everything works almost fine, wbinfo shows my
>> domain accounts, I am able to set these accounts and groups as owners of
>> files. Commands like ls, chown, id show AD accounts correctly.
>> pw, getent - show only local system accounts.
>> I need Samba only for file sharing with ACLs, no PAM authentication or
>> something more. So, technically, it works but since I can't see ALL
>> accounts with getent I think something is wrong.
>> IDMapped accounts are with uid and gid > 10000
>> I think I am missing something very small and simple, so I hope someone
>> will help me!
>> Thanks in advance,
>> Ivo
> --
> View this message in context:
> Sent from the freebsd-questions mailing list archive at
> _______________________________________________
> freebsd-questions at mailing list
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at"

More information about the freebsd-questions mailing list