Márcio Merlone
2014-Jan-21 13:04 UTC
[Samba] AD domain member with sssd: any downside not running winbindd?
Hi, Setting up a samba4 domain member against a samba4 ad server using Ubuntu 12.04 and sernet packages. AD server is OK. On this domain member, if I use sssd to map windows users to unix users, will I miss something if I disable winbindd entirely? With sssd I already have domain users on linux, getent works, and all seems fine. Asking for some known gotcha? Regards. -- *Marcio Merlone* TI - Administrador de redes *A1 Engenharia - Unidade Corporativa* Fone: +55 41 3616-3797 Cel: +55 41 9689-0036 http://www.a1.ind.br/ <http://www.a1.ind.br>
steve
2014-Jan-21 15:25 UTC
[Samba] AD domain member with sssd: any downside not running winbindd?
On Tue, 2014-01-21 at 11:04 -0200, M?rcio Merlone wrote:> Hi, > > Setting up a samba4 domain member against a samba4 ad server using > Ubuntu 12.04 and sernet packages. AD server is OK. On this domain > member, if I use sssd to map windows users to unix users, will I miss > something if I disable winbindd entirely? > > With sssd I already have domain users on linux, getent works, and all > seems fine. Asking for some known gotcha?'getent works'? Stop right there. You're doing fine. I don't know what the opposite of 'gotcha' is, but I would use it in response to your last question. The only effect sssd gives is added advantages. Go ahead and disable winbind. But don't just take my advice. There may be other opinions both in support of and against sssd;) HTH Steve
Sven Schwedas
2014-Jan-21 15:38 UTC
[Samba] AD domain member with sssd: any downside not running winbindd?
sssd is completely independent of winbindd. Iirc smbd needs winbindd (not sure about that), but if all you need is auth, winbindd is not necessary. On 2014-01-21 14:04, M?rcio Merlone wrote:> Hi, > > Setting up a samba4 domain member against a samba4 ad server using > Ubuntu 12.04 and sernet packages. AD server is OK. On this domain > member, if I use sssd to map windows users to unix users, will I miss > something if I disable winbindd entirely? > > With sssd I already have domain users on linux, getent works, and all > seems fine. Asking for some known gotcha? > > Regards. >-- Mit freundlichen Gr??en, / Best Regards, Sven Schwedas Systemadministrator TAO Beratungs- und Management GmbH | Lendplatz 45 | A - 8020 Graz Mail/XMPP: sven.schwedas at tao.at | +43 (0)680 301 7167 http://software.tao.at -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 665 bytes Desc: OpenPGP digital signature URL: <http://lists.samba.org/pipermail/samba/attachments/20140121/fccaa755/attachment.pgp>