[Samba] samba4 and sssd and user mapping

Rowland Penny rowlandpenny at googlemail.com
Mon Jan 27 07:37:04 MST 2014

On 27/01/14 14:30, Volker Lendecke wrote:
> On Mon, Jan 27, 2014 at 02:43:52PM +0100, Björn JACKE wrote:
>>>> As written before you would have to configure idmap
>>>> nss and run winbind in addition to sssd but you will still have the problems
>>>> with the flat view on the user and group name space. If someone on the list
>>>> writes that sssd in Samba member servers is supported, than this is a personal
>>>> opinion of that person but this is the opposite what the samba developers tell
>>>> you.
>>> Link?
>> if unfortunately nobody from the team corrected the false advice of using sssd
>> on samba member servers, then take my mails as reference if you want to
>> have a referrence :-)
> Just a confirmation from my side here. You might go with
> sssd for the end-user workstation case for some reason, but
> please use winbind for the file server case. winbind does
> the workstation case well also, so the main reason for sssd
> is the IPA/LDAP backend flexibility in the workstation case.
> With best regards,
> Volker Lendecke
I am sorry Volker, but just saying don't use sssd for a file server is 
not good enough, you must give good reasons why. From my experience, 
telling somebody 'do not do this', without explaining why, is a recipe 
for disaster.

Just what does winbind do that sssd doesn't?


More information about the samba mailing list