[Samba] sssd configuration
walk2sun at arcor.de
Wed Sep 17 08:41:22 MDT 2014
On 16:40:02 wrote Lars Hanke:
> > Older versions of sssd back to 1.8 supported AD through the
> > rfc2307bis ldap schema. The configuration is a little more
> > involved and you don't get the drop-in AD engineered product, but
> > it works and what's more it would solve your Domain Users !=
> > domain users problem at the client end at least. We documented the
> > method for sssd <= 1.9.6 here:
> > http://linuxcostablanca.blogspot.com.es/2013/04/sssd-in-samba-40.h
> > tml
> Thanks for the hint. I started out to install sssd on my test system.
> I followed that link quite closely. But something strange happens:
> if I do 'id myuser' it claims the user is unknown. Of course I can
> neither log in with that user.
> I did sssd -i -d 0x7f0 and checked what happens. For login I see that
> it queries the AD LDAP for myuser, finds all its groups and then
> enters PAM. It performs a successful Kerberos authentication for the
> For id it does not query LDAP at all. Nothing in the logs, no traffic
> in wireshark.
> Of course nssswitch.conf has 'compat sss' for passwd, group, and
> shadow. Also pam_sss.so is listed in /etc/pam.d/common-*.
> Any ideas for troubleshooting?
More information about the samba