[Samba] Is idmap backend nss still a thing?

Rowland Penny rpenny at samba.org
Wed Nov 30 21:12:26 UTC 2022

On 30/11/2022 20:47, Andrew Bartlett via samba wrote:
> On Wed, 2022-11-30 at 20:01 +0000, Vaughan, Robert J via samba wrote:
>> Hello Samba world
>> Is idmap backend nss still supported/in use for winbind?  My unix
>> rfc2307 user info is available in a unix LDAP system (currently used
>> by ssh via sssd) so I could use it whilst we contemplate AD migration
>> Any issues with winbind/sssd?  Red Hat 7 and 8 domain member servers
> Expect the usual Samba/sssd warnings to be given,

Do you mean the one about winbind/sssd only giving you authentication ?

  but on your strict
> question, yes idmap_nss is still a thing (mostly aimed at users with a
> traditional LDAP backend for unix names) and is tested.
> Indeed it is likely to be more secure and better behaved then the other
> ways we try to fallback to local unix names.

What other way is there ?

> Andrew Bartlett


More information about the samba mailing list