[Wolves] Samba in an Active Directories environment

Simon Morris mozrat at gmail.com
Fri Dec 2 08:02:34 GMT 2005

On 02/12/05, Ian Harper <idharper at gmail.com> wrote:
> Sorry yes I mean it isnt displaying the Domain anme i.e. TEST\xyz
> do you mean "winbind use default domain = yes"  if so then thats set.
> also any ideas why it wont show the domain usernames/password when
> using getent passwd ?

Morning Ian,

OK - you can choose whether to use the DOMAIN as part of the username or not.

Obviously the fact that you are pulling user name from a different
authentication source should be transparent to the UNIX user so I
wouldn't recommend enforcing use of the AD Domain name.

With "winbind use default domain = yes" you can use the AD names like this

chown -R bob /home/DOMAIN/bob

With "winbind use default domain = no" you have to include the AD name
like this

chown -R DOMAIN%bob /home/DOMAIN/bob

NT uses a convention of DOMAIN-backslash-user (DOMAIN\bob) but as the
backslash has special meanings in the shell it is highly recommended
to use a different character as your separator.

This is why you see DOMAIN%user if your "winbind separator = %"

You should see these names in getent. If not have a look at what
/etc/nsswitch.conf is doing and also if you are running nscd give that
a kick.


Jabber: mozrat at gmail.com
www: http://beerandspeech.org

DISCLAIMER: Reading the following URL may make you boggle:
No animals were harmed in the making of this email

More information about the Wolves mailing list