[Samba] Samba on CentOS 8 with sssd and AD users/groups and local users/groups
Luc Lalonde
luc.lalonde at polymtl.ca
Thu Jan 13 18:05:26 UTC 2022
No I read that!
To me it says:
1. We know that there are issues with using SSSD and we're working on it
2. We'll continue to support you if you choose this configuration
3. We're not ready to offer a working supported alternative yet, again,
we're working on it
In my experience, RHEL7 works well with standalone Winbind.
Unfortunately, I can't get it to work properly on RHEL8 without SSSD.
Perhaps I'm missing something, but the latest Redhat documentation
continues to push SSSD + Winbind ad the way to go:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_authentication_and_authorization_in_rhel/configuring-a-rhel-host-to-use-ad-as-an-authentication-provider_configuring-authentication-and-authorization-in-rhel
I would love to dump SSSD on my RedHat/CentOS/Fedora systems... but
we're not quite there yet!
On 1/13/22 10:47, Rowland Penny via samba wrote:
> On Thu, 2022-01-13 at 10:22 -0500, Luc Lalonde via samba wrote:
>> Hello Rowland,
>>
>> I've read the article mentionned below... and I don't see how it
>> could
>> be interpreted as a 'non-recomendation'.
> Did you miss this under 'Support status':
>
> [quote]
> Therefore Red Hat currently does not recommend using the idmap_sss
> module for Samba file server enrolled into an IdM or AD domain.
> [/quote]
>
> They only provide limited support if you use sssd with Samba and only
> then if it is an existing setup.
>
> I cannot see any other definition of 'does not recommend' other than
> 'do not use it'
>
> Rowland
>
>
>
--
Luc Lalonde, analyste
-----------------------------
Département de génie informatique et génie logiciel:
École polytechnique de MTL
(514) 340-4711 x5049
Luc.Lalonde at polymtl.ca
More information about the samba
mailing list