[Samba] Using SSSD + AD with Samba seems to require Winbind be running
L.P.H. van Belle
belle at bazuin.nl
Wed Aug 12 13:45:23 UTC 2020
>
> On 8/12/20 9:11 AM, L.P.H. van Belle via samba wrote:
> > What i dont get/understand ..
> >
> > Why ? Why such setup.
> > Can TP explain this?
> >
> > Just trying to understand you idea why setup like this..
> > There must be a reason?
> >
>
> SSSD provides features that Samba probably will not, like GPO login enforcement,
https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/enforce-user-logon-restrictions
If its a setting like that, sure you can enforce it (for windows).
For linux, well, there is no GPO for linux.. but what would or are you doing / need here?
Still trying to understand this more.
> and some it doesn't do yet like automatically define private groups
> (groups with the same name of the user, I filled a bug for this one)
Why in earth would you do that. This makes you maintainenace only more complex.
And, in my personal opinion more prone to errors.
>
> There are meny others but my intention is not to advertice
> SSSD but help
> people that need to use it by company policy or by needed features.
Thanks for you replies.
It might help me understand better why people use/want to use SSSD.
So far,
Greetz,
Louis
More information about the samba
mailing list