Hello!
I have two Debian servers, one with 8.7 and one with 7.11.
I have joined both to my domain successfully but I have problems with the one running 8.7.
If I run
getent group on the old version I will get all the group on the domain including the ones from the domain trust.
If I do this on 8.7 I don't get anything from the domain at all but if I run
wbinfo -g I get the groups from the domain but not from the domain that is trusted as I do on 7.11.
All the config is identical between the machines.
This is nsswitch.conf:
Code:
passwd: compat winbind
group: compat winbind
shadow: compat
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
krb5.conf:
Code:
[logging]
Default = FILE:/var/log/krb5.log
[libdefaults]
ticket_lifetime = 24000
clock-skew = 300
default_realm = DOMAIN.LOCAL
[realms]
DOMAIN.LOCAL = {
kdc = AD1.DOMAIN.LOCAL:88
admin_server = AD1.DOMAIN.LOCAL:464
}
[domain_realm]
.domain.local = domain.local
domain.local = domain.local
[login]
krb4_convert = true
krb4_get_tickets = false
smb.conf:
Code:
[global]
security = ads
realm = domain.local
password server = ad1.domain.local
workgroup = DOMAIN
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
template homedir = /home/%D/%U
template shell = /bin/bash
client use spnego = yes
client ntlmv2 auth = yes
encrypt passwords = yes
winbind use default domain = yes
restrict anonymous = 2
domain master = no
local master = no
preferred master = no
os level = 0
unix extensions = no
So when I run
wbinfo -g on 8.7 I get the domain groups but not from the trusted domain. And when I run
getent group I don't get any information from the domain at all indicating that there's something wrong with the
nsswitch.conf?
Is there something that has changed regarding this in the newer version of Debian?
Any help is appreciated.
