[Samba] samba4 rfc2307 practice and confuse

Gémes Géza geza at kzsdabas.hu
Mon Apr 15 12:51:14 MDT 2013

2013-04-15 11:51 keltezéssel, d tbsky írta:
> 2013/4/15 steve <steve at steve-ss.com>
>> Yes. To get the rfc2307 info out from the directory you can use winbind,
>> nslcd or sssd on the client. If you want to get all of the rfc2307
>> attributes on the DC, your choice is narrowed down to the latter two. As
>> Geza posted earlier,  winbind can only manage uidNumber and gidNumber.
>> I've put our nslcd method here:
>> http://linuxcostablanca.**blogspot.com.es/2013/04/**
>> ubuntu-client-for-samba4.html<http://linuxcostablanca.blogspot.com.es/2013/04/ubuntu-client-for-samba4.html>
>> Will post the sssd solution sometime today.
>> HTH
>> Steve
>       I remeber that samba team suggest to use winbind instead of ldap to
> work with samba server, although I don't know why or is it still true for
> samba 4 DC. so what's the benefit of winbind?
>      since RHEL 6 comes with sssd, I think maybe I will use that instead of
> winbind. and thanks a lot for your information!!
> Regards,
> tbskyd
Winbind strengths:

1. Caching (lot better than nscd)
2. Can get group membership (the SIDs) from PAC (less lookups on the DC)
3. No need for storing plaintext passwords in config files, or create 
other user accounts than the machine account (created at join) and 
storing their keytab.

Probably there are others too (as well as weaknesses)


Geza Gemes

More information about the samba mailing list