[Samba] sssd not a good idea

Rowland penny rpenny at samba.org
Sat Jun 15 11:38:41 UTC 2019

On 15/06/2019 12:22, Simo wrote:
> On Wed, 2019-06-12 at 18:14 +0100, Rowland penny via samba wrote:
>> On 12/06/2019 18:02, Goetz, Patrick G via samba wrote:
>>> So, the bug reports referenced below are in regard to having Samba be a
>>> domain member.  My question is why would I want Samba to be a domain
>>> member?  I want the machine Samba runs on to be a domain member, because
>>> there are other things going on on that machine as well.
>> You cannot have one without the other, a Unix computer without Samba is
>> just that, a Unix machine. Add Samba and you can join an AD domain, the
>> letters 'S', 'M' and 'B' in Samba are there for a reason.
> Sorry Rowland, but this is incorrect, you need samba (smbd) only if you
> want to make the member server a file server.

So what do you suggest that Samba does?

Do not run smbd ?

Only run nmbd ? but network browsing is as good as dead

Only run winbindd ? but this could interfere with sssd.

> If you do not need to offer SMB file services there are many other
> products that join a unix machine to an AD server, including the
> mentioned sssd (with the realmd utility)

There well may be other products, but, as they are not produced by 
Samba, we cannot provide support for them.

There is also the little problem that Red-Hat no longer supports the use 
of sssd with Samba

Whilst I accept that there is nothing wrong with sssd and that people 
have made it work with Samba, this is not the mailing list to discuss 
any possible problems


More information about the samba mailing list