[Samba] Is idmap backend nss still a thing?

Andrew Bartlett abartlet at samba.org
Wed Nov 30 20:47:28 UTC 2022

On Wed, 2022-11-30 at 20:01 +0000, Vaughan, Robert J via samba wrote:
> Hello Samba world
> Is idmap backend nss still supported/in use for winbind?  My unix
> rfc2307 user info is available in a unix LDAP system (currently used
> by ssh via sssd) so I could use it whilst we contemplate AD migration
> Any issues with winbind/sssd?  Red Hat 7 and 8 domain member servers

Expect the usual Samba/sssd warnings to be given, but on your strict
question, yes idmap_nss is still a thing (mostly aimed at users with a
traditional LDAP backend for unix names) and is tested.

Indeed it is likely to be more secure and better behaved then the other
ways we try to fallback to local unix names.

Andrew Bartlett

Andrew Bartlett (he/him)       https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead, Catalyst IT   https://catalyst.net.nz/services/samba

Samba Development and Support, Catalyst IT - Expert Open Source

More information about the samba mailing list