If you are using S4 as an ADDC then you are using the builtin winbind and as far as I can see, this cannot provide group memberships via getent.
I could be wrong but I believe that all the builtin winbind pulls from AD is the users name & users primary group. These are either via some algorithm or via rfc2307 uidNumber & gidNumber that must be added manually. As far as I can see, the only way to get getent on the S4 server to show groupmembers is to use sssd If you want to use the S4 server also as a fileserver, you must ensure that the users have the same uidNumber everywhere. This means that you must use rfc2307 attributes and use something to pull them, i.e the winbind ad backend or sssd, the winbind rid backend will not do - it will never give you the same uidNumber on the S3 clients as on the S4 AD server. On 24 June 2013 07:05, <philippe.simo...@swisscom.com> wrote: > Hi **** > > ** ** > > that’s my setting today (AD with 4.06 and files server with 3.6). Working > great, but my goal is really to **** > > get rid of that (just one machine).**** > > thanks and regards**** > > ** ** > > philippe**** > > ** ** > > *From:* Ali Bendriss [mailto:ali.bendr...@gmail.com] > *Sent:* Friday, June 21, 2013 3:39 PM > *To:* samba@lists.samba.org > *Cc:* Rowland Penny; Simonet Philippe, ITS-OUS-OP-IFM-NW-IPE > > *Subject:* Re: [Samba] samba4 missing group membership with getent group** > ** > > ** ** > > On Friday, June 21, 2013 10:12:26 AM Rowland Penny wrote:**** > > > Hi, well yet another reason to use sssd instead of winbind.**** > > > [...]**** > > **** > > Hi,**** > > **** > > An other option is to use samba AD in one server and the file server (smbd > + winbindd) in an other. Since I've done that (last year I think) I've got > no problem at all. At first you may think that it's to much resources (2 > servers or vm) but it's really flexible and easy to maintain.**** > > **** > > --**** > > Ali**** > > **** > > **** > > **** > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
