[Samba] Windows file ownership changed from SID to Unix User
Rowland penny
rpenny at samba.org
Sun Nov 22 15:27:52 UTC 2020
On 22/11/2020 14:58, Gregory Giguashvili wrote:
>
> There is no one supporting the use of sssd with Samba, not even
> Red Hat.
>
> Now that I know what to look for (thank you, Roland!), I found
> https://access.redhat.com/solutions/3802321
> <https://access.redhat.com/solutions/3802321> page explaining how to
> properly bridge between SSSD and winbind.
>
> In essence, the following configuration is in place (copy-pasting
> main parts of the document for the benefit of those who has no RHEL
> Customer Portal access)
>
> # yum install realmd oddjob oddjob-mkhomedir sssd adcli samba
> samba-winbind krb5-workstation
> # realm join testlab.redhat.com <http://testlab.redhat.com> -U
> Administrator --client-software=sssd --membership-software=samba
> # systemctl stop sssd ; rm -f /var/lib/sss/db/* ; systemctl start sssd
>
> // This is the key! Need to replace winbind client RPM by
> SSSD-winbind-idmap RPM
> # yum remove sssd-libwbclient
> # yum install sssd-winbind-idmap
>
> /etc/samba/smb.conf - idmap configuration:
> idmap config * : backend = tdb
> idmap config * : range = 10000-199999
> idmap config TESTLAB : backend = sss
> idmap config TESTLAB : range = 200000-2147483647
>
> # systemctl enable smb winbind ; systemctl restart smb winbind
That isn't going to work with Samba and shares, you are just getting
authentication.
I will counter your (behind a pay wall) red-hat document with this one:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/deploying_different_types_of_servers/assembly_using-samba-as-a-server_deploying-different-types-of-servers
Where it clearly states:
Important
Red Hat only supports running Samba as a server with the |winbindd|
service to provide domain users and groups to the local system. Due to
certain limitations, such as missing Windows access control list (ACL)
support and NT LAN Manager (NTLM) fallback, SSSD is not supported.
'sss' is sssd
I repeat, using sssd with Samba is not supported by Samba and it isn't
supported by Red-Hat.
Rowland
More information about the samba
mailing list