If not using sssd, how do you join the clients to the domain? We are not using
GPO, only user authentication and DNS.
Due to security restrictions we are not able to install Samba packages on all
the clients. Sssd is the simplest solution, and the only one recommended and
officially supported by RedHat.
Br
________________________________
From: samba <samba-bounces at lists.samba.org> on behalf of Rowland Penny
via samba <samba at lists.samba.org>
Sent: Tuesday, December 17, 2024 8:43:52 AM
To: samba at lists.samba.org <samba at lists.samba.org>
Cc: Rowland Penny <rpenny at samba.org>
Subject: Re: [Samba] Error when joining new DC
On Tue, 17 Dec 2024 05:54:55 +0000
Peter Mittermayer via samba <samba at lists.samba.org> wrote:
> AFAIK sssd on RHEL is by default doing dyndny updates and it needs to
> be disabled in the config. Same for a Windows.
That is easy to fix, there is no reason to use sssd with Samba, it is
pointless, so, on redhat:
systemctl stop sssd
systemctl disable sssd
>
> Instead of client configuration which can be changed by any sysadmin
> I prefer to deny DNS updates centrally, where I have control.
As I said, Linux doesn't do them and you can use a GPO to stop any
Windows clients doing them, but you really should have the 'tkey' line
active in your named.conf.
Rowland
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba