[Samba] samba4 and sssd and user mapping

Volker Lendecke Volker.Lendecke at SerNet.DE
Mon Jan 27 07:39:05 MST 2014

On Mon, Jan 27, 2014 at 02:26:17PM +0000, Rowland Penny wrote:
> >you are talking about completely different setups here. A smbd
> >file/print server does not use pam at all.
> So how does smbd get its authentication then in an AD domain?

Look at "wbinfo -a". This exactly simulates what smbd is
doing. Forward the authentication credentials to AD.
Alternatively, if kerberos is used, smbd and winbind
communicate via the netsamlogon_cache.tdb. smbd puts the
windows authorization information into that file, winbind
then retrieves it from there when nss information is being
asked for. I'm not sure sssd does that the same way.


SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de

More information about the samba mailing list