[Samba] General advice needed, granting machine account permissions to a share?
Rowland Penny
rpenny at samba.org
Tue Nov 14 08:56:45 UTC 2023
On Mon, 13 Nov 2023 19:52:07 -0600
Matt Pruett via samba <samba at lists.samba.org> wrote:
> Here's the situation:
> I used sssd-winbind to join the server to a native windows domain.
> Following these instructions:
> https://access.redhat.com/solutions/3802321
That is behind a sign in wall, I cannot view it.
>
> This all seems to be working fine. I have various shares that various
> AD groups can access and within those shares I use "posix" acls to do
> some more fine grained permissions.
>
The problem is, sssd is not provided or written by Samba, it is a
redhat product and isn't required for Samba to work.
As it isn't a Samba product, very little is know about it here, you will
get much more help from the sssd-users mailing list.
If you decide to remove sssd and go with just Samba, we can help you
with that.
If you just require authentication, then sssd is great, but the moment
that you require file shares, it has nothing to offer. For file sharing
you require the 'smbd' daemon, which in an AD domain requires winbind.
There is, in my opinion, no point in running winbind and sssd, they
both do the same thing, so just run winbind without sssd and only have
one configuration file.
Rowland
More information about the samba
mailing list