[Samba] sssd + samba4 not working (yet)

Kenneth Westelinck kenneth.westelinck at gmail.com
Wed Feb 19 05:52:24 MST 2014 

Thanks.
- I compiled Samba 4.1.4 for Wheezy from sernet's package sources
- I am compiling sssd 1.11.3 from Sid on Wheezy (it is compiling as we
speak, I hope)
Thanks for offering packages, but I'm on ARM and I don't have a Debian
Intel machine to cross-compile :)

If sssd is not supported, why bother documenting it:
https://wiki.samba.org/index.php/Local_user_management_and_authentication/sssd:)

I'll see if I have better luck with sssd 1.11.3 and try to read-up on
documentation on the sssd side. Keep you posted.


On Wed, Feb 19, 2014 at 1:36 PM, L.P.H. van Belle <belle at bazuin.nl> wrote:

> Ai...
>
> and i forgot to mention.
>
> SSSD is NOT supported by samba developers, questions about it ask on the
> sssd mailing list.
>
> ;-)
>
> You better go and try samba4 winbind, i has all you need.
> and these questions you can ask here ..
>
> Regards,
>
> Louis
>
> >-----Oorspronkelijk bericht-----
> >Van: belle at bazuin.nl [mailto:samba-bounces at lists.samba.org]
> >Namens L.P.H. van Belle
> >Verzonden: woensdag 19 februari 2014 13:33
> >Aan: Kenneth Westelinck
> >CC: samba at lists.samba.org
> >Onderwerp: Re: [Samba] sssd + samba4 not working (yet)
> >
> >google for : "If people want, this is how:  samba 4.1.3 and
> >sssd 1.11.3 for debian wheezy"
> >and here you go:
> >https://lists.samba.org/archive/samba/2014-January/177934.html
> >outlined what you need.
> >
> >The order of the file you install with dpkg -i must be
> >correct. ( or setup a apt repo )
> >and you need samba-dev for sssd to compile, so first samba,
> >and all samba depends.
> >
> >I did it..  its do-able.
> >and tip samba 4.1.4 is hard to do, didnt work for me last
> >time, so pik the source of 4.1.3 and start compileing
> >
> >and if you ask nice i can put them online, but only for a short time.
> >I dont have the needed line atm for everybody.
> >
> >I have the source and packages there if you want.  ( with
> >needed depends )
> >
> > apt-cache policy sssd-ad
> >sssd-ad:
> >  Installed: 1.11.3-1
> >  Candidate: 1.11.3-1
> >  Version table:
> > *** 1.11.3-1 0
> >        700 http://CENCORED/debian/wheezy/amd64/  Packages
> >        100 /var/lib/dpkg/status
> >
> >
> >apt-cache policy samba
> >samba:
> >  Installed: 2:4.1.3+dfsg-2
> >  Candidate: 2:4.1.3+dfsg-2
> >  Version table:
> > *** 2:4.1.3+dfsg-2 0
> >        700 http://CENCORED/debian/wheezy/amd64/  Packages
> >        100 /var/lib/dpkg/status
> >
> >and tip, if you start compiling, i advice to use your own
> >compiles samba4 and not the backports.
> >this is because of needed depends for compiling.
> >you can try but i didnt test that mix
> >
> >
> >Best regards,
> >
> >Louis
> >
> >
> >
> >>-----Oorspronkelijk bericht-----
> >>Van: kenneth.westelinck at gmail.com
> >>[mailto:samba-bounces at lists.samba.org] Namens Kenneth Westelinck
> >>Verzonden: woensdag 19 februari 2014 12:58
> >>Aan: steve
> >>CC: samba at lists.samba.org
> >>Onderwerp: Re: [Samba] sssd + samba4 not working (yet)
> >>
> >>- Updated (using s4domaingroup-change-gid) gidNumber to 513
> >>(to match what
> >>it was in my old LDAP + SAMBA setup)
> >>- Created a new user (1002:513) with samba-tool and made sure
> >>uidNumber and
> >>gidNumber are filled in
> >>- checked with apache directory studio (
> >>http://www.clearcenter.com/support/documentation/clearos_guides
> >>/using_apache_directory_studio_with_samba_directory_-_samba_4)
> >>if attributes are available in LDAP, they are
> >>
> >>What's next?
> >>(in the meantime I'll try to backport sid's sssd package)
> >>
> >>
> >>On Wed, Feb 19, 2014 at 12:31 PM, Kenneth Westelinck <
> >>kenneth.westelinck at gmail.com> wrote:
> >>
> >>> this might work:
> >>>
> >>http://linuxcostablanca.blogspot.be/2012/02/samba-4-posix-domai
> >>n-user.html
> >>>
> >>>
> >>> On Wed, Feb 19, 2014 at 11:58 AM, steve <steve at steve-ss.com> wrote:
> >>>
> >>>> On Wed, 2014-02-19 at 08:07 +0100, Kenneth Westelinck wrote:
> >>>> > All,
> >>>> >
> >>>> >
> >>>> > Keytab should be fine, as I used the instructions from
> >the wiki to
> >>>> > export it:
> >>>> > root at bubba3-one:/etc# klist -k krb5.sssd.keytab
> >>>> > Keytab name: FILE:krb5.sssd.keytab
> >>>> > KVNO Principal
> >>>> > ----
> >>>> >
> >>>>
> >>---------------------------------------------------------------
> >>-----------
> >>>> >    1 bubba3-one$@EARTH.LOCAL
> >>>> >    1 bubba3-one$@EARTH.LOCAL
> >>>> >    1 bubba3-one$@EARTH.LOCAL
> >>>> > root at bubba3-one:/etc#
> >>>> >
> >>>> >
> >>>> > getent passwd Administrator doesn't return anything
> >>>> >
> >>>> >
> >>>> > I guess I have the uid number stored:
> >>>> > root at bubba3-one:/etc# wbinfo --user-info Administrator
> >>>> > EARTH\Administrator:*:0:100::/home/EARTH/Administrator:/bin/false
> >>>> > root at bubba3-one:/etc#
> >>>>
> >>>> getent doesn't work because you do not have the uid:gid
> >>stored in AD.
> >>>> Add something like:
> >>>> uidNumber: 10000
> >>>> gidNumber: 20513
> >>>> to the DN of Administrator
> >>>> and:
> >>>> gidNumber: 20513
> >>>> to the DN of Domain Users
> >>>>
> >>>> HTH
> >>>> Steve
> >>>>
> >>>> Next question? How?
> >>>>
> >>>>
> >>>>
> >>>
> >>--
> >>To unsubscribe from this list go to the following URL and read the
> >>instructions:  https://lists.samba.org/mailman/options/samba
> >>
> >>
> >
> >--
> >To unsubscribe from this list go to the following URL and read the
> >instructions:  https://lists.samba.org/mailman/options/samba
> >
> >
>
>

More information about the samba mailing list