[Samba] Is idmap backend nss still a thing?
Rowland Penny
rpenny at samba.org
Wed Nov 30 21:12:26 UTC 2022
On 30/11/2022 20:47, Andrew Bartlett via samba wrote:
> On Wed, 2022-11-30 at 20:01 +0000, Vaughan, Robert J via samba wrote:
>> Hello Samba world
>>
>> Is idmap backend nss still supported/in use for winbind? My unix
>> rfc2307 user info is available in a unix LDAP system (currently used
>> by ssh via sssd) so I could use it whilst we contemplate AD migration
>>
>> Any issues with winbind/sssd? Red Hat 7 and 8 domain member servers
>>
>
> Expect the usual Samba/sssd warnings to be given,
Do you mean the one about winbind/sssd only giving you authentication ?
but on your strict
> question, yes idmap_nss is still a thing (mostly aimed at users with a
> traditional LDAP backend for unix names) and is tested.
>
> Indeed it is likely to be more secure and better behaved then the other
> ways we try to fallback to local unix names.
What other way is there ?
>
> Andrew Bartlett
>
Rowland
More information about the samba
mailing list