SUSE Support

Here When You Need Us

Samba as an AD member does not show all users

This document (3430253) is provided subject to the disclaimer at the end of this document.

Environment

SUSE Linux Enterprise Server 10 Service Pack 1
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Server 9 Service Pack 3

Situation

Not all users on a Samba server appear when Samba is authenticating users against Active Directory.
  • "wbinfo -u" does not show all users
  • "getent passwd" does not show all user when Windows Domain authentication is being used

Resolution

 
The cause is a bad /etc/samba/secrets.tdb file.
  • On the Active Directory delete the machine account created for the Samba server
  • On the Samba server, shutdown all Samba services (rcsmb stop, rcnmb stop, rcwinbind stop)
  • Delete the /etc/samba/secret.tdb file
  • Start just the Samba daemon (rcsmb start)
  • Add the server back into the domain (net join -S -U administrator)
  • Restart all used Samba services

Additional Information

It is strongly recommended to backup any Samba configuration prior to making this change. The secrets.tdb file holds private information such as the workstation and machine account passwords, trust accounts information and administrator information.
 
Also, if Samba was setup and was authenticating users against a non-Active Directory back end, i.e. local password file or LDAP, you will need to delete all the files in the /etc/samba directory except the smb.conf.
 
Samba maintains a listing of uids/guids that are mapped against Samba users, held in /etc/winbindd_idmap.tdb* or any file that has idmap in its name. In order to maintain file system consistency, it is recommended that you preserve this file. If this file is lost, then access controls lists and other file system permissions may not work and it will require that you recreate the permissions.
 
 
 

Disclaimer

This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:3430253
  • Creation Date: 24-Oct-2007
  • Modified Date:15-Mar-2021
    • SUSE Linux Enterprise Server

< Back to Support Search

For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com

tick icon

SUSE Support Forums

Get your questions answered by experienced Sys Ops or interact with other SUSE community experts.

tick icon

Support Resources

Learn how to get the most from the technical support you receive with your SUSE Subscription, Premium Support, Academic Program, or Partner Program.

tick icon

Open an Incident

Open an incident with SUSE Technical Support, manage your subscriptions, download patches, or manage user access.