[Samba] AD domain member with sssd: any downside not running winbindd?

steve steve at steve-ss.com
Tue Jan 21 10:47:45 MST 2014

On Tue, 2014-01-21 at 15:00 -0200, Márcio Merlone wrote:
> Em 21-01-2014 14:03, steve escreveu:
> > On Tue, 2014-01-21 at 16:38 +0100, Sven Schwedas wrote:
> >> sssd is completely independent of winbindd. Iirc smbd needs winbindd
> >> (not sure about that), but if all you need is auth, winbindd is not
> >> necessary.
> > Hi
> > We have a smbd 4.1.3 file server with sssd for authentication, autofs
> > and rfc2307. winbindd is not running, nor does it figure in nss.
> >
> > Maybe you are thinking of samba?
> Big picture:
> I'm upgrading an old samba3+ldap server to samba4 ad, and have to deal 
> with my mail server, proxy, applications, etc authing on new samba. I'm 
> tailoring the best solution.

Winbind doesn't yet work properly: if you need rfc2307 over and above
just the uid:gid on the DC, you have to use sssd, nss-ldapd. . . winbind
won't do it.

More information about the samba mailing list