[Samba] samba4 missing group membership with getent group
steve
steve at steve-ss.com
Tue Jun 25 04:03:02 MDT 2013
On Mon, 2013-06-24 at 18:21 +0200, Marc Muehlfeld wrote:
> Hello Rowland,
>
> Am 24.06.2013 12:26, schrieb Rowland Penny:
> > As far as I can see, the only way to get getent on the S4 server to show
> > groupmembers is to use sssd
>
> nslcd works great for that job here, too.
Hi
nslcd is simplicity itself but we couldn't get it going for nested
groups. Also it doesn't do dynamic dns updates, which sssd throws in for
free and unless you use nscd, it's slow.
Maybe your wiki could include the config for kerberised binds to the S4
ldap? This is all you need:
/etc/nslcd.conf
uid nslcd
gid nslcd
uri ldap://your.f.q.d.n
base dc=foo,dc=bar
map passwd uid samAccountName
map passwd homeDirectory unixHomeDirectory
sasl_mech GSSAPI
sasl_realm YOUR.REALM
krb5_ccname /tmp/nslcd.tkt
Hope you get a chance to have a play with sssd. It would be good to hear
other views on how it compares with winbind and nslcd.
Cheers,
Steve
More information about the samba
mailing list