Samba-clen domeny windows, problem s "getent"

[rathousky na centrum.cz]

Zdravim, 
potreboval bych udelat fileserver ktery bude overovat uzivatele oproti
domenovemu radici. 
S pomoci mnoha clanku, manualu a DOCek jsem vytlacil priblizne toto: 

smb.conf: 
[global]
unix charset = LOCALE
workgroup = office
realm = OFFICE.BLA.CZ
server string = Gamma
security = ADS
allow trusted domains = no
username map = /etc/samba/smbusers
log level = 1
syslog = 0
log file = /var/log/samba/%m
max log size = 50
printcap name = CUPS
ldap ssl = no
idmap uid = 10000-20000
idmap gid = 10000-20000
template primary group = "Domain Users"
template shell = /bin/false
winbind separator = +
printing = cups
[public]
path = /mnt/raid/
writeable = yes
browseable = yes
valid users = @"domain users"


/etc/krb5.conf: 
[libdefaults]
        clockskew = 600
        default_realm = OFFICE.BLA.CZ
[realms]
    OFFICE.BLA.CZ = {
    kdc = alpha.office.bla.cz
    default_domain = OFFICE.BLA.CZ
    kpasswd_server = alpha.office.bla.cz
}
[domain_realm]
    .OFFICE.BLA.CZ = OFFICE.BLA.CZ
[logging]
    default = SYSLOG:NOTICE:DAEMON
    kdc = FILE:/var/log/kdc.log
    kadmind = FILE:/var/log/kadmind.log
[appdefaults]
pam = {
    ticket_lifetime = 1d
    renew_lifetime = 1d
    forwardable = true
    proxiable = false
    retain_after_close = false
    minimum_uid = 0
    debug = false                                                         
                                                       }

kdyz zkusim wbinfo -u tak mi to vypise vsechny uzivatele z domenoveho
radice, wbinfo -g vsechny grupy, ale kdyz zkusim "getent passwd" tak mi to
vrati jen seznam z /etc/passwd bez uzivatelu z domeny (kteri by tam podle
vsehy byt meli). 
Poradi mi nekdo? 
Nebo delam neco spatne?