[Samba] Domain member (2k8R2) server, problem mapping Kerberos/NSS users
mail at eliasprobst.eu
Mon Jul 21 09:52:38 MDT 2014
Oups, that went off-list…
On 07/21/2014 05:47 PM, Elias Probst wrote:
> On 07/21/2014 05:38 PM, Rowland Penny wrote:
>> This seems to say that winbind will map the domain users to local users,
>> so I suppose the next question has to be, is winbind running ?
> Looking at  I don't think I'd need winbindd, as winbindd is in this
> scenario obsoleted by SSSD.
>> Winbind is not used; users and groups resolved via NSS:
>> In this situation user and group accounts are treated as if they are
>> local accounts. The only way in which this differs from having local
>> accounts is that the accounts are stored in a repository that can be
>> shared. In practice this means that they will reside in either an
>> NIS-type database or else in LDAP.
>> This configuration may be used with standalone Samba servers, domain
>> member servers [sic!] (NT4 or ADS), and for a PDC that uses either an
>> smbpasswd or a tdbsam-based Samba passdb backend.
> winbind would just duplicate the efforts (talk to LDAP/AD to resolve
> users etc.) already done by SSSD.
> See also: https://www.fedorahosted.org/sssd/wiki/SSSD-vs-Winbind
> - Elias
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 884 bytes
Desc: OpenPGP digital signature
More information about the samba