[Samba] Replacing SSSD with just WINBIND for NFSv4
Rowland Penny
rpenny at samba.org
Mon Aug 30 17:48:34 UTC 2021
On Mon, 2021-08-30 at 13:26 -0400, Luc Lalonde via samba wrote:
> Hello Foks,
>
> I would like to remove SSSD from the equation for NFSv4 + AutoFS
> mounts.
>
> Presently we use SSSD + Winbind
You shouldn't be unless you are using a version of Samba less than
4.8.0
> for LDAP-KRB5 authentication and AutoFS-NFSv4 for home directories.
>
> We have 4 NFS servers that split the load for our Linux clients. We
> use this option in SSSD.CONF to get the users home directory:
>
> ldap_user_home_directory = unixHomeDirectory
>
> Here are other options that we use:
>
> ldap_user_search_base = dc=example,dc=com
> ldap_user_object_class = user
> ldap_user_principal = userPrincipalName
> ldap_schema = rfc2307bis
> ldap_user_fullname = displayName
> ldap_user_name = sAMAccountName
> ldap_group_object_class = group
>
> Upon account creation, UID and GID are stored in AD, and everything
> works great. We also do not use DOMAIN\USERNAME logins, just
> USERNAME.
>
> Is there a way to achieve this with just WINBIND?
Yes
Oh, I think you mean 'how do I do this' :-)
Post your smb.conf and I will talk you through how, but it starts with
removing sssd and realm
I will also need to know what the lowest uidNumber attribute is.
Rowland
More information about the samba
mailing list