[Samba] Slow Samba AD DC performance compared to Microsoft AD DC
Rowland penny
rpenny at samba.org
Fri Aug 28 09:29:41 UTC 2020
On 28/08/2020 10:07, Sinan Ozturk via samba wrote:
> Thanks for the information.
>
> I know this is kinda out of topic but is it possible to use samba with ipa client from another domain?
>
> It is probably broke both Samba and FreeIPA client.
>
> Our servers run a different domain with FreeIPA. Samba domain is domain.com, FreeIPA domain is domain.cloud
>
> I know FreeIPA and Samba have some common config files.
>
Your smb.conf has 'security = user' set, this basically makes it a
standalone server, so you do not need to run winbind, but you want the
client to a member of a domain, so, from the Samba point of view, you
need 'security = ads' and to run winbind. This is where the problem
starts, from Samba 4.8.0, with 'security = domain' or 'security = ads',
you must run winbind, unfortunately you cannot run winbind with sssd
because they both have their own versions of the same libs. This means
either run Samba with winbind against an AD domain, or Samba with sssd
against an IPA domain, I do not believe you can do both.
Rowland
More information about the samba
mailing list