I have been looking at http://samba.2283325.n4.nabble.com/Trusted-domain-users-unwantedly-mapping-onto-local-domain-users-td3005928.html and I think that if you add this in your nsswitch.conf like it says in the website above: if you already have the passwd: files ldap and group: files ldap in your nsswitch.conf then just add winbind to the end of the lines of the passwd and group lines. just like it is shown below: If you need any more help just email me back, and I will try to help you.
*passwd*: files ldap winbind group: files ldap winbind > ---------- Forwarded message ---------- > From: Gaiseric Vandal <gaiseric.van...@gmail.com> > To: Samba <samba@lists.samba.org> > Date: Mon, 06 Jun 2011 12:04:14 -0400 > Subject: [Samba] getent passwd does not list trusted users > I am running Samba 3.5.5 on Solaris 10. This is the latest Sun/Oracle > provided build. I have an ldap backend for everything (unix+samba accounts, > idmapping for domain trusts.) The Samba server is a PDC for a domain we can > call "SAMBA." Each samba account is tied to a unix account. > > I have a one-way domain trust setup with a Windows 2003 domain which we > can call "WIN2003." SAMBA trusts WIN2003. "getent passwd" and "getent > group" seem to fundamentally be working (depending on syntax) BUT "getent > passwd" does NOT list trusted users. > > > On the solaris machine: > > --------------------------------------------------------------------------------------------------------------------------------------------------------------- > "wbinfo -u" and "wbinfo -g" lists all users in this domain + the > WIN2003 domain. For the SAMBA users, the domain name is stripped out. > > > "getent passwd" - lists all "unix" users (in ldap or /etc/passwd.) > It does not list the samba users - which is the expected and > desired behaviour. > I had expected it to list users from the WIN2003 domain. > > > "getent group" - lists all "unix" groups (in ldap or /etc/passwd) > It does not listed the SAMBA groups - which is the expected and > desired behaviour. > It does list WIN2003 groups- which is also the expected and > desired behaviour. > > > "getent passwd SAMBA\\user" - shows uid, gid, home directory, shell > "getent passwd WIN2003\\user" - shows uid, gid, home directory, shell > > "getent group SAMBA\\group" - shows gid, members > "getent group WIN2003\\group" - shows gid, members > > > "id SAMBA\\user" - shows uid and gid > "id WIN2003 \\user" - shows uid and gid > > > --------------------------------------------------------------------------------------------------------------------------------------------------------------- > > > I can use chown and other commands from solaris command line to grant > rights to a user from the trusted domain. However, in a Windows machine in > samba domain, when setting file permissions, I can not see the trusted > domain. > > > Any thoughts? > > > Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba