[Samba] please confirm: sssd not a good idea :)
rpenny at samba.org
Sat Jun 8 20:32:42 UTC 2019
On 08/06/2019 16:24, Uwe Laverenz via samba wrote:
> Hi all,
> when you join a linux server to an active directory with "realm" it
> uses "sssd" as default. This works well as long as you just want to be
> a simple domain member.
> As soon as you want a real member server, with acls for example, you
> need winbind instead of sssd. You can't even connect to or configure
> your server with "net rpc" without using winbind, right?
> As Rowland pointed out in another thread, a Samba 4.8.0+ domain member
> needs winbind anyway.
> Could you please confirm that I finally got it right and that the use
> of "sssd" should be avoided except for basic authentication and that
> for serious samba servers "winbind" is the only (correct and
> supported) way to go?
> thank you,
I never said that you should avoid sssd, I said that Samba does not
support it because we do not produce it and that it does very little
that winbind doesn't.
sssd is supported by the sssd-users mailing list and if you need help
with sssd, that is where to address any problems to.
Samba supports the use of the samba, smbd, nmbd and winbindd daemons.
You are also correct that on a Unix domain member you need to have
winbind running, so you might as well use it ;-)
More information about the samba