Comprehensive re-write of the classicupgrade HowTo and other changes
Jakub Hrozek
jakub.hrozek at gmail.com
Mon Jun 2 14:23:20 MDT 2014
On Sun, 2014-06-01 at 16:35 +0200, steve wrote:
> On Sun, 2014-06-01 at 15:57 +0200, Jakub Hrozek wrote:
> > On Thu, 2014-05-29 at 22:52 +0200, steve wrote:
> > > Thanks.
> > > We still object to:
> > > '. . .if your domain was provisioned with the --rfc2307 option . .'
> > > Repeat, you do not need to provision with --rfc2307 option. The default
> > > schema already allows for rfc2307 and so sssd works perfectly well
> > > without it. All the necessary posix attributes can be managed with
> > > samba-tool, ldbedit or ldbmodify. You may wish to add that provisioning
> > > with --rfc2307 is necessary only should you wish to manage said from
> > > ADUC.
> > > Steve
> > >
> >
> > Does this sentence sound better to you?
> >
> > https://wiki.samba.org/index.php?title=Local_user_management_and_authentication%2Fsssd&diff=8913&oldid=8912
> >
> > (I believe there was a mid-air collision between me implementing
> > Rowland' corrections and someone else correcting the RFC2307 details,
> > hope I didn't remove any content)
> >
> It's still misleading. How about:
>
> At the same time, provisioning with --rfc2307 is only necessary should
> you wish to manage it from windows. rfc2307 is available out of the box
> and can be managed samba-tool and all the usual ldb tools.
>
I don't feel comfortable enough with deploying Samba on the server side
to assess if the above is accurate and well-worded, sorry.
Marc, could you help me out here? IIRC you contributed the --rfc2307
part..
> If you do not wish to store your rfc2307 information in AD at all, SSSD
> also supports algorithmic ID-mapping. Moreover, certain POSIX attributes
> such as home directory or shell can be set on the client side. For
> further information about RFC2307, see the:
> [[Using_RFC2307_on_a_Samba_DC|Using RFC2307 on a Samba DC]] HowTo.
The above sounds good to me, except the "in AD" part. Shouldn't that
read "in Samba" or "on the server side" ?
>
> Acceptable?
> Steve
Thanks for checking out the wiki page!
More information about the samba-technical
mailing list