Description of problem: When using either authconfig-gtk OR authconfig-tui to configure the system to use winbind for user information and user authentication, the config changes that are made to /etc/samba/smb.conf automatically are missing two lines. These two lines are necessary for the following two commands to be able to return unified results (results from ADS and local): getent passwd getent group It is important that both of these commands work because standard documentation states to use these two commands to make sure that winbind/ADS integration is working. Also, some users may have scripted against the output of getent. The two configuration lines that authconfig is not putting in /etc/samba/smb.conf are: winbind enum groups = yes winbind enum users = yes Version-Release number of selected component (if applicable): authconfig-5.4.2-1.fc9.i386 authconfig-gtk-5.4.2-1.fc9.i386 How reproducible: Every time tested. Steps to Reproduce: 1. In Gnome: System -> Administration -> Authentication 2. User Info tab: check winbind 3. Click configure winbind 4. Enter configuration info to integrate with Active Directory Server 5. Click Join Domain and complete the join 6. Click on Authentication Tab 7. Check winbind 8. Click Ok 9. Open console 10. Verify that ADS integration is working by issuing: wbinfo -g You should see all local and groups from Active Directory. 11. run: getent group 12. You will only see local entries 13. edit /etc/samba/smb.conf 14. Add these lines to winbind section created by authconfig: winbind enum groups = yes winbind enum users = yes 15. run: getent group 16. You should now see groups displayed from both active directory and local. Actual results: Only local users and groups are displayed when running: getent group getent passwd Expected results: Both Active Directory and local users and/or groups should be displayed when running: getent group getent passwd Additional info:
Created attachment 310477 [details] Suggested patch. Here is the suggested patch.
Since I have not heard an update or any activity on this bug yet, I went ahead and wrote a patch for the file authinfo.py to correct this issue. I have tested this patch and it works for me. The path does not add the two new config lines as command line options or options in the gui interfaces. I hope this patch helps and can be added to the package. Please find the patch attached as a .diff
I am not really sure that authconfig should add the options by default. If the default should be yes, then you should convince about that the samba developers. It doesn't make much sense to me to change authconfig to always put the lines there.
Why would I need to convince the Samba developers of this? It is the program authconfig that adds the auth configs to smb.conf, not the Samba package. It doesn't make sense to concern the Samba team with proposed changes to authconfig. I think my patch only makes authconfig behave more inline with documentation for AD authentication that is found on the web.
Because these options are by default no for a reason and it doesn't make any sense to change this default by authconfig.