Bug 7167 - winbind enum groups = yes does not work for local groups
Summary: winbind enum groups = yes does not work for local groups
Alias: None
Product: Samba 3.5
Classification: Unclassified
Component: Winbind (show other bugs)
Version: 3.5.0rc3
Hardware: All All
: P3 normal
Target Milestone: ---
Assignee: Guenther Deschner
QA Contact: Samba QA Contact
Depends on:
Reported: 2010-02-22 06:20 UTC by Björn Jacke
Modified: 2020-12-14 07:31 UTC (History)
5 users (show)

See Also:

patch for master (3.20 KB, patch)
2015-02-05 08:24 UTC, Guenther Deschner
gd: review? (bjacke)
gd: review? (obnox)

Note You need to log in before you can comment on or make changes to this bug.
Description Björn Jacke 2010-02-22 06:20:18 UTC
localgroups on a member server are not listed. On a 3.5 member server do:

# net sam createlocalgroup localusers

# getent group 'dds13\localusers'

# getent group | grep -i localuser

the relevant part of smb.conf:

idmap backend = tdb
idmap uid = 2000000-3000000
idmap gid = 2000000-3000000
winbind enum users = yes
winbind enum groups = yes

The same problem applies to the BUILTIN domain. Domain groups are being listed correctly.
Comment 1 Thiago Crepaldi 2013-12-10 16:35:27 UTC
This bug still reproduces on Samba 4.1.2
Comment 2 Guenther Deschner 2015-02-05 08:24:54 UTC
Created attachment 10706 [details]
patch for master
Comment 3 Volker Lendecke 2020-12-14 07:31:45 UTC
Comment on attachment 10706 [details]
patch for master

This patch won't apply cleanly to master anymore. There is AD DC code that enumerates local groups, but that is activated only on the DC. If there's a need to enumerate local groups on the domain member as well, this patch needs to be rewritten.