[Samba] Samba4 DC winbind or sssd
Caleb O'Connell
caleb at privacyassociation.org
Mon Jul 28 08:54:17 MDT 2014
I have a samba4 Domain Controller, there are no other samba4 domain member
servers in the network, there is one other samba 3 member server in the
network.
I've setup the DC with:
idmap_ldb:use rfc2307 = yes
On the samba4, do we use the idmap attributes?
# idmap config * : backend = tdb
# idmap config * : range = 70001-999999
# idmap config IAPP : backend = ad
# idmap config IAPP : schema_mode = rfc2307
# idmap config IAPP : range = 10000-70000
# winbind nss info = rfc2307
# winbind trusted domains only = no
# winbind use default domain = Yes
# winbind enum users = Yes
# winbind enum groups = Yes
# winbind refresh tickets = yes
# winbind nested groups = Yes
Is this only a member server thing? The samba 3 server is using this and it
works well. In my reading it sounds like samba4 does not support this on
the DC.
Is it recommended to use sssd on the DC for local accounts from AD?
Thanks in advance for any advice
Caleb
More information about the samba
mailing list