[Samba] sssd-ad cannot be installed with sernet samba

Rowland Penny rowlandpenny at googlemail.com
Fri Apr 3 04:19:13 MDT 2015


On 03/04/15 10:19, buhorojo wrote:
> On 03/04/15 11:09, Rowland Penny wrote:
>> On 02/04/15 22:54, Andrey Repin wrote:
>>> Greetings, Harry Jede!
>>>
>>>>> You can recommend whatever you like, the reality is that there's no
>>>>> spare hardware is coming my way alongside your recommendations.
>>>>> And I've been bitten by virtualization one time too many already to
>>>>> feel reluctant to implement it in production.
>>>>> Just check the last thread I started.
>>>>>
>>>>>> However, if you must use the DC as a fileserver, investigate the
>>>>>> 'template' lines for smb.conf
>>>>> I can't see, how it can make a difference, if I'm setting winbind on
>>>>> DC or a member server.
>>>>   OK. You dont understand it. winbind exists in two incarnations. 
>>>> winbind on
>>>> samba dc, version 4.0.x and 4.1.x, winbindd (with two d) on all 
>>>> other samba versions.
>>> I have same Samba version on both, so, doesn't apply.
>>>
>>>>> The information is coming from same place -
>>>>> from AD.
>>>>   Simply false. Read the docs.
>>>> Information may be stored in AD, passwd db, nis, idmap.ldb or 
>>>> computed on
>>>> the fly. Sometimes you have two stores at the same time.
>>> Where information MAY come from is irrelevant.
>>> I told you, where it is coming from in my case.
>>>
>>>>> What makes it behave differently, if set on different
>>>>> server?
>>>> Different approaches for the same thing!!
>>>> Mapping M$ identities to posix identities could be quite complex.
>>> I set the same program in the same fashion on two OS installations 
>>> of the same
>>> version - and suddenly it behave differently, depends on the server 
>>> it runs
>>> on, the phase of the moon and the height of snow cover on Alaska?
>>> See above, I can compress this phrase into one word, starting with 
>>> "b". And
>>> that would not be a "bug".
>>>
>>>
>>
>> OK, from what you have posted, I am surmising that you are using 
>> samba 4.2.0, in which case you will be using winbindd on all samba 
>> servers.
>> Now, whilst winbindd is in use on all servers, it is used differently 
>> depending on what the server is. If it is a DC, the samba daemon is 
>> started and then this starts the smbd & winbindd daemons, 
>> unfortunately, it would appear that not all the links are there to 
>> use all that winbindd could provide. This means whilst you get the 
>> uidNumber & the primarygroupid, you do not get anything else, this is 
>> not a bug, it is a lack of a feature.
>
> So why have you reported it a bug in Samba Bugzilla and labelled its 
> priority as 'P5 major'?
>

Because when I reported that bug I thought it *was* a bug, I have since 
been advised that it isn't and HAVE ACCEPTED THIS!!!

Rowland



More information about the samba mailing list