[Samba] idmap & migration to rfc2307
buhorojo
buhorojo.lcb at gmail.com
Mon Nov 9 06:57:35 UTC 2015
On 08/11/15 23:40, Michael Adam wrote:
> On 2015-11-08 at 22:50 +0100, buhorojo wrote:
>> On 08/11/15 21:01, Michael Adam wrote:
>>> On 2015-11-08 at 20:34 +0100, buhorojo wrote:
>>>> sssd's uses its own implementation of winbind
>>> I repeat: sssd does not implement winbind.
>>> It implements some parts of the winbind protocol.
>>> It is not a drop-in replacement for winbind(d).
>>> And the ad-dc forcefully uses winbindd anyways,
>> No, it is not forced. It can be disabled.
> Of course you can disable the server service.
> But then you have neither a supported nor a
> fully functional AD/DC setup. :-)
But you have one which works, LOL!
>
>>> so sssd is not at all an option.
>> No? What it does do is just work.
> No. It does not work for the internals of the ad/dc.
> It may work in nsswitch.
>
> And did I mention this is neither a support
> nor an advocating forum for sssd?
>
>> winbind doesn't. It is unfair
>> on the OP to insist it does.
> What does "OP" mean?
http://lmgtfy.com/?q=what+does+OP+mean%3F
>
> Oh, and it is also unfair to always insist an
> external unsupported server just works, instead
> of addressing the points being discussed.
>
>>>> and _always_ retrieves the same id from AD. Repeat, _always_.
>>>> Currently it and nslcd are the only way to obtain full rfc2307
>>>> and consistent ids on DCs. Neither winbind nor
>>>> winbindd can do so.
>>> Sure. winbindd can do it.
>> Sorry but you are wrong. On a DC it can't.
> If it does not fully work, then we need to fix that.
> And as you so nicely pointed out earlier yourself
> (for sssd in that case...), instead of recommending
> the use of an unsupported external application,
> please submit a bug report at https://bugzilla.samba.org/
There are already many. Start with 10886.
sssd unsupported? You must be joking. It's Red Hat! OK, it costs a
fortune but you can always get the Fedora version with mailing list
support. Or, build it yourslef even.
By all means wait until winbind is fixed. However, those of us with work
to do need it to work now. Reliably!
Thanks again.
More information about the samba
mailing list