[Samba] authentication issue moving from Samba 4.11.x to 4.13.14

Rowland Penny rpenny at samba.org
Mon Mar 21 17:38:12 UTC 2022

On Mon, 2022-03-21 at 13:17 -0400, Gaiseric Vandal via samba wrote:
> LDAP is used for user and group lookups at the Unix/Linux level.  
> This 
> includes nfs and ssh.  The authentication itself is typically 
> kerberos.   Presumably if nsswitch.conf pointed to winbind but not
> ldap 
> it everything would continue to work.

Got to ask this, why are you using ldap for Unix user & group lookups ?
I presume that the ldap lookups are searching for RFC2307 attributes,
if so, ldap is a bit redundant, your 'ad' backend will use the same IDs

While there a numerous superfluous lines in your smb.conf, it is
basically sound.


More information about the samba mailing list