Linux domain member – idmap ad – getent passwd not working – wbinfo -i SAMDOM\\xyzuser returns wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
PROBLEM: In a default installation, the users' default primary group “Domain Users” has no gidNumber set. Edit the group's properties with ldbedit and add a gidNumber entry.
How was it solved? (Credits: https://stackoverflow.com/questions/30601942/consistent-uid-and-gid-across-linux-clients-for-multiple-domain-using-autorid) Use
wbinfo -n SAMDOM\\user1
to get the SID (Windows security identifier) for the user, and then use
wbinfo -S USERSID
with this SID to check the UID assignment. Similarly, use
wbinfo -n "SAMDOM\\Domain Users"
wbinfo -Y GROUPSID
to check the GID assignment of the group. If wbinfo -Y [Domain Users SID] reports that it could not get a GID,
run this on the DC:
ldbedit -e mcedit -H /var/lib/samba/private/sam.ldb 'sAMAccountName=Domain Users'
and add a line like
gidNumber: 65534
if you want to map Domain Users to the Unix group nobody.
Set it to 100 if you want to map it to the Unix group users.
Then, on the DC machine, run
net cache flush
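
To find every group with the same problem before editing, the check above can be run over ldbsearch output in one pass. This is an added example, not part of the original post or the linked answer; the idmap range arguments, the group names other than Domain Users, and the sample records are assumptions constructed for illustration.

```shell
#!/bin/sh
# Audit LDIF from ldbsearch for groups that idmap ad cannot map to a GID.
# On the DC the input would come from, for example:
#   ldbsearch -H /var/lib/samba/private/sam.ldb '(objectClass=group)' \
#       sAMAccountName gidNumber
# LOW and HIGH stand for the member's "idmap config" range (assumed values).

# check_gid LOW HIGH: reads LDIF on stdin and prints one line per record:
#   "<name>: missing" | "<name>: out-of-range <gid>" | "<name>: ok <gid>"
# Returns 0 only when every record has a gidNumber inside LOW..HIGH.
check_gid() {
    awk -v low="$1" -v high="$2" '
        function emit() {
            if (name == "") return
            if (!has)                         { print name ": missing"; bad = 1 }
            else if (gid < low || gid > high) { print name ": out-of-range " gid; bad = 1 }
            else                              { print name ": ok " gid }
            name = ""; has = 0
        }
        /^sAMAccountName: / { name = substr($0, 17) }
        /^gidNumber: /      { gid = substr($0, 12) + 0; has = 1 }
        /^$/                { emit() }          # blank line ends an LDIF record
        END                 { emit(); exit bad + 0 }
    '
}

# Constructed sample in the shape ldbsearch prints (not real directory data).
sample_ldif() {
    cat <<'EOF'
# record 1
dn: CN=Domain Users,CN=Users,DC=samdom,DC=example,DC=com
sAMAccountName: Domain Users

# record 2
dn: CN=demo-staff,CN=Users,DC=samdom,DC=example,DC=com
sAMAccountName: demo-staff
gidNumber: 10001

# record 3
dn: CN=demo-legacy,CN=Users,DC=samdom,DC=example,DC=com
sAMAccountName: demo-legacy
gidNumber: 100
EOF
}

sample_ldif | check_gid 10000 999999 ||
    echo "groups listed as missing or out-of-range need a usable gidNumber"
```

A gidNumber that lies outside the range configured for the domain on the member is not mapped by the ad backend, so the range passed here should match the member's smb.conf.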