Date: Fri, 16 Sep 2005 14:00:48 -0500 From: Dan Nelson <dnelson@allantgroup.com> To: Doug Sampson <dougs@dawnsign.com> Cc: "'freebsd-questions@freebsd.org'" <freebsd-questions@freebsd.org> Subject: Re: [Samba] getent & winbindd on FreeBSD 5.4 Message-ID: <20050916190048.GF72150@dan.emsphone.com> In-Reply-To: <EFADFCBA81EEBC4FA93D573B32AFFE270124A4C2@mercury.dawnsign.com> References: <EFADFCBA81EEBC4FA93D573B32AFFE270124A4C2@mercury.dawnsign.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In the last episode (Sep 16), Doug Sampson said: > > FreeBSD doesn't come with a getent program. I was able to compile > > OpenSolaris' getent on FreeBSD with minimal problems, though. You'll > > have to remove support for ipnodes, project, and netmasks since those > > are Solaris-specific, remove the gettext code, and you'll need to > > provide a "putpwent" function (I used > > /usr/src/usr.sbin/pw/pwupd.c:fmtpwentry() instead ). > > > > http://cvs.opensolaris.org/source/xref/usr/src/cmd/getent/ > > I found the source for getent in > /usr/ports/net/samba3/work/samba-3.0.20/testsuite/nsswitch (see file > listing:) > > and I ran 'gcc -o getent getent.c' to create the getent command. I > then moved it to /usr/local/sbin and ran 'getent passwd'. The output > still doesn't produce the list of domain users- only the local users. > Hm? I am not sure if I am doing this correctly. I am flying blindly > on this as I am relatively new to *nix in general (huge learning > curve). Can you verify that I'm doing this correctly? Yes, that getent command should suffice for printing users and groups, including any NSS-provided ones. You can also use the 'id' or 'pw user show' commands to print similar info. > I am starting to wonder if my problem isn't related to getent but > elsewhere. I read on the 'Net that FreeBSD finally provided NSS > support starting with version 5.0. I also wonder if I'm not > configuring my PAM modules correctly. See my earlier mail re: > nsswitch.conf and /etc/pam.d/login. PAM only handles authentication during login; looking up user/group names is handled by NSS. If your nsswitch.conf has "passwd: compat winbind" in it, you have a /usr/local/lib/nss_winbind.so.1 file, and getent can't find users that windbind should be providing, I'd start looking for nss_winbind debugging options. -- Dan Nelson dnelson@allantgroup.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050916190048.GF72150>