* detertj <detertj> [060208 14:45]: > Hello, > > I followed the steps at > http://www.enterprisenetworkingplanet.com/netos/article.php/3487081 > for adding a v3.0.21a samba and winbindd server to a MsAD domain and > configuring nsswitch.conf to find passwd and group info from winbind. > > This seems to have worked out fine, except that I can't 'see' or > 'recognize' certain groups via getent or via wbinfo -g. > > E.g. I can see the 'ccsd-staff' group via getent and wbinfo -g, but i > don't see the 'ccsd-dept-www' group via either.
-- snip -- > Anyone know what's wrong or have an idea of how to debug? Thanks I just stumbled on the explanation and solution: 'wbinfo -g' and 'getent group' use the samaccountname attribute of the group object, but for my 'missing' groups, the samaccountname attrib value was not the same as the 'cn' and 'name' attribs value. Once I set the samAccountName value to be the same as the cn, the 'missing' groups were no longer missing from 'wbinfo -g' or 'getent group'. The 'missing' groups had been created by me via a script using ldap. At the time i created them, i didn't know that i needed to also set the 'samaccountname' attribute, so it was getting automagically set with a seemingly arbitrary value. The MsAD-U&G app never give any indication that the 2 weren't in synch. -- Happy Landings, Jon Detert IT Systems Administrator, Milwaukee School of Engineering 1025 N. Broadway, Milwaukee, Wisconsin 53202, U.S.A. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba