[Samba] samba4 kerberized nfs4 with sssd ad client

Rowland penny rpenny at samba.org
Fri Jul 24 12:51:14 UTC 2020

On 24/07/2020 12:35, Christian Naumer via samba wrote:
> I can't say much about the NFS part here. However, my laptop uses SSSD
> as client software and I mount our Samba shares via pam_mount and
> kerberos. This all works fine. So I suspect that this should also work
> with NFS. The IDs of your users need to be the same as on the server
> otherwise I haven't found a restriction.

NFS shares != Samba shares and 'mounting' != hosting Samba shares ;-)

Up until Samba 4.8.0, 'smbd' (the fileserver component on a Unix domain 
member) could contact AD directly, but after 4.8.0 , smbd must now go 
through winbind, sssd uses some of the winbind code, so it is 
incompatible with winbind.

As I said, you can use sssd for authentication, but if you want to 
server files, you will have to use Samba with winbind.


More information about the samba mailing list