[Samba] sssd-ad cannot be installed with sernet samba

buhorojo buhorojo.lcb at gmail.com
Thu Apr 2 11:24:26 MDT 2015

On 02/04/15 19:02, Andrey Repin wrote:
> Greetings, Rowland Penny!
>>>> nss/winbind does work, yes, there is 1 missing file, just created it.
>>>> ( and this is not needed on a DC ! )
>>> So you are telling us that something that returns:
>>> /bin/false
>>>   when:
>>> /bin/bash
>>> is specified in the database is a piece of software that is working?
>> You only need a shell if you are logging into the DC and you shouldn't
>> be, the samba wiki couldn't be much plainer, it is not recommended to
>> use the DC as a fileserver!
> You can recommend whatever you like, the reality is that there's no spare
> hardware is coming my way alongside your recommendations.
> And I've been bitten by virtualization one time too many already to feel
> reluctant to implement it in production.
> Just check the last thread I started.
>> However, if you must use the DC as a fileserver, investigate the
>> 'template' lines for smb.conf
> I can't see, how it can make a difference, if I'm setting winbind on DC or a
> member server. The information is coming from same place - from AD.
> What makes it behave differently, if set on different server?
For a small domain it makes sense to use the DC as a file server. That's 
what windows does. If you don't want to use samba, you can pick up a 
w2003v2 or whatever they call it cd for next to nothing these days.

More information about the samba mailing list