[Samba] Is idmap backend nss still a thing?
Andrew Bartlett
abartlet at samba.org
Wed Nov 30 20:47:28 UTC 2022
On Wed, 2022-11-30 at 20:01 +0000, Vaughan, Robert J via samba wrote:
> Hello Samba world
>
> Is idmap backend nss still supported/in use for winbind? My unix
> rfc2307 user info is available in a unix LDAP system (currently used
> by ssh via sssd) so I could use it whilst we contemplate AD migration
>
> Any issues with winbind/sssd? Red Hat 7 and 8 domain member servers
>
Expect the usual Samba/sssd warnings to be given, but on your strict
question, yes idmap_nss is still a thing (mostly aimed at users with a
traditional LDAP backend for unix names) and is tested.
Indeed it is likely to be more secure and better behaved then the other
ways we try to fallback to local unix names.
Andrew Bartlett
--
Andrew Bartlett (he/him) https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead, Catalyst IT https://catalyst.net.nz/services/samba
Samba Development and Support, Catalyst IT - Expert Open Source
Solutions
More information about the samba
mailing list