On 6/12/19 7:00 AM, Rowland penny wrote:> Until yesterday I would have pointed you at the sssd-users mailing list, that was until I found this:> *Important*> Red Hat only supports running Samba as a server with the |winbindd| service to provide domain users and groups to the local system. Due to certain limitations, such as missing Windows access control list (ACL) support and NT LAN Manager (NTLM) fallback, the System Security Services Daemon (SSSD) is not supported.> Samba does not support sssd because it cannot, it doesn't produce it. It now seems that red-hat doesn't support using sssd with Samba either, so you are on your own here.Hi Rowland - Do you have a link for this comment? I tried looking it up in the current RHEL documentation, and couldn't find it. I'm guessing this might be out of date? For example, I know nothing of any NTLM fallback.
On 12/06/2019 16:31, Goetz, Patrick G via samba wrote:> > On 6/12/19 7:00 AM, Rowland penny wrote: >> Until yesterday I would have pointed you at the sssd-users mailing list, that was until I found this: >> *Important* >> Red Hat only supports running Samba as a server with the |winbindd| service to provide domain users and groups to the local system. Due to certain limitations, such as missing Windows access control list (ACL) support and NT LAN Manager (NTLM) fallback, the System Security Services Daemon (SSSD) is not supported. >> Samba does not support sssd because it cannot, it doesn't produce it. It now seems that red-hat doesn't support using sssd with Samba either, so you are on your own here. > > Hi Rowland - > > Do you have a link for this comment? I tried looking it up in the > current RHEL documentation, and couldn't find it. I'm guessing this > might be out of date? For example, I know nothing of any NTLM fallback. > > > >https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system_administrators_guide/ch-file_and_print_servers
Am 12.06.19 um 17:31 schrieb Goetz, Patrick G via samba:> > > On 6/12/19 7:00 AM, Rowland penny wrote: >> Until yesterday I would have pointed you at the sssd-users mailing list, that was until I found this: > >> *Important* > >> Red Hat only supports running Samba as a server with the |winbindd| service to provide domain users and groups to the local system. Due to certain limitations, such as missing Windows access control list (ACL) support and NT LAN Manager (NTLM) fallback, the System Security Services Daemon (SSSD) is not supported. > >> Samba does not support sssd because it cannot, it doesn't produce it. It now seems that red-hat doesn't support using sssd with Samba either, so you are on your own here. > > > Hi Rowland - > > Do you have a link for this comment? I tried looking it up in the > current RHEL documentation, and couldn't find it. I'm guessing this > might be out of date? For example, I know nothing of any NTLM fallbackhttps://www.google.com/search?q=%22the+System+Security+Services+Daemon+(SSSD)+is+not+supported%22 https://bugzilla.redhat.com/show_bug.cgi?id=1663323 https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system_administrators_guide/ch-file_and_print_servers#setting_up_samba_as_a_domain_member
That's clearly a documentation bug. As for the samba integration, it's now in its own guide: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/windows_integration_guide/index (this is what I followed on 7.5/7.6 to consume realmd). Let me open a BZ about this... Regards, Vincent On Wed, 12 Jun 2019, Rowland penny via samba wrote:> On 12/06/2019 16:31, Goetz, Patrick G via samba wrote: >> >> On 6/12/19 7:00 AM, Rowland penny wrote: >>> Until yesterday I would have pointed you at the sssd-users mailing list, >>> that was until I found this: >>> *Important* >>> Red Hat only supports running Samba as a server with the |winbindd| >>> service to provide domain users and groups to the local system. Due to >>> certain limitations, such as missing Windows access control list (ACL) >>> support and NT LAN Manager (NTLM) fallback, the System Security Services >>> Daemon (SSSD) is not supported. >>> Samba does not support sssd because it cannot, it doesn't produce it. It >>> now seems that red-hat doesn't support using sssd with Samba either, so >>> you are on your own here. >> >> Hi Rowland - >> >> Do you have a link for this comment? I tried looking it up in the >> current RHEL documentation, and couldn't find it. I'm guessing this >> might be out of date? For example, I know nothing of any NTLM fallback. >> >> >> >> > https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system_administrators_guide/ch-file_and_print_servers > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >