-----Original Message----- From: sssd-users-bounces@lists.fedorahosted.org [mailto:sssd-users-bounces@lists.fedorahosted.org] On Behalf Of Jakub Hrozek Sent: 15. april 2014 13:34 To: sssd-users@lists.fedorahosted.org Subject: Re: [SSSD-users] [SSSD] New AD provider howto
On Tue, Apr 15, 2014 at 10:42:42AM +0000, Longina Przybyszewska wrote:
I think, it is worth to mention the 'msktutil' for joining AD; it is specially useful for installing a batch of computers, Is well documented with a lot of options. It lets to join domain independent from samba, with full control on creating keytab, encryption type, required UPN/SPN names etc . In Ubuntu, package downloadable from mainstream repositories. I found this program more accurate to work with than the realmd - ok - in unstable 14.04 .
I wonder what problems you had with realmd, were any bugs logged?
I can't recall it precisely now - but as far as I remember (in Ubuntu): 1. default was to install all missing packages, and to auto-configure sssd, each time it run, very annoying- should be able to discover the first time run; 2. join-leave-join sequence didn't work; machine successfully "left" AD, but when joining again it said "already joined" (At first machine joined in default container, so I need to move it to another one) even if it was manually removed from AD. As I knew the other utility 'msktutil', I could continue working with that machine.
Using ad provider in multi domain environment and Global Catalog search: -do I still need the section for each subdomain in sssd.conf? Can I configure sssd only for main domain C.EXAMPLE.COM, if all subdomains {A,B,D}.C.EXAMPLE.COM don't differ?
If the subdomans are all part of a single forest, then SSSD should be able to see all the domains and all their users with 1.11.x.
Longina
_______________________________________________ sssd-users mailing list sssd-users@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-users