On Tue, 2009-04-07 at 16:53 -0500, Jason Ellison wrote:
On Tue, Apr 7, 2009 at 4:03 PM, JohnS jses27@gmail.com wrote:
On Tue, 2009-04-07 at 15:33 -0500, Jason Ellison wrote:
CentOS 5.3 getent does not return data from the active directory (ads)
I have installed and configured kerberos and samba so that the server can be a member of an existing Active Directory (AD). Correct configuration of kerbos was verified using kinit and klist. The samba configuration was verified by using "smbclient -k -L server". winbind was verified by using "wbinfo -g". The problem seems to be nsswitch accessing winbindd to get group information via the "getent group" command. I added winbind to the /etc/nsswitch.conf file like so:
[root@nagios ~]# grep winbind /etc/nsswitch.conf passwd: files winbind shadow: files winbind group: files winbind
Try "hosts: files dns wins" "hosts: files winbind" You realy don't say if your authenticating what and where @. But I do know you did not list "the hosts:" line in nsswitch. One of those should do it. getent group_name will never work with out changing it.
JohnS,
getent is used to get entries from the administrative databases, not particular items. it is my understanding that "getent group_name" would never work. i feel really in the dark here, could you please explain how getent works on your system? is yours modified?
-Jason Ellison
--- Used to enumerate groups and names and it works the same as does on yours. I think you misunderstood what I said. getent want make samba work against ad if that is what your refering to. I was refering to the nsswitch lines. But they appear to be correct. I should have said so.