[Samba] Replacing SSSD with just WINBIND for NFSv4

Luc Lalonde Luc.Lalonde at polymtl.ca
Mon Aug 30 17:26:43 UTC 2021

Hello Foks,

I would like to remove SSSD from the equation for NFSv4 + AutoFS mounts.

Presently we use SSSD + Winbind for LDAP-KRB5 authentication and AutoFS-NFSv4 for home directories.

We have 4 NFS servers that split the load for our Linux clients.   We use this option in SSSD.CONF to get the users home directory:

ldap_user_home_directory = unixHomeDirectory

Here are other options that we use:

ldap_user_search_base = dc=example,dc=com
ldap_user_object_class = user
ldap_user_principal = userPrincipalName
ldap_schema = rfc2307bis
ldap_user_fullname = displayName
ldap_user_name = sAMAccountName
ldap_group_object_class = group

Upon account creation, UID and GID are stored in AD, and everything works great.  We also do not use DOMAIN\USERNAME logins, just USERNAME.

Is there a way to achieve this with just WINBIND?

Thank You!

Luc Lalonde, analyste
Département de génie informatique:
École polytechnique de MTL
(514) 340-4711 x5049
Luc.Lalonde at polymtl.ca

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20210830/d2dbed5d/OpenPGP_signature.sig>

More information about the samba mailing list