Hello Dear SSSD Users,
I recently configured a Samba share on a centos 7 linux as server member of a Active Directory domain.
I installed Kerberos, SSSD, and add Winbind for Samba. I used Winbind for mapping posix attributes (RFC2307) added on the AD
and I need SSSD to allow authentication with sFtp, to enable access to files updates from an other system...
Some people tell me Samba needs only Winbind or only SSSD to work with AD.
I noticed that SSSD was needed to retrieve secondary GUID on my samba share. By example, to update a list of secondary GUID (add 601 GUID on AD for a user), I do the following commands on the linux server : # sss_cache -E # id -G username 513 600 627 615 617 580 584 626 629 595 564 601 Then it is updated on the Windows client.
Can someone know if SSSD is requiered with Winbind in that case ? Or did I not well configured Winbind to retrieve secondary GUID ?
my smb.conf : winbind nss info = rfc2307 idmap config MYDOMAINAD : backend = ad idmap config MYDOMAINAD : schema_mode = rfc2307 idmap config MYDOMAINAD : range = 1-14999 idmap config MYDOMAINAD : unix_nss_info = yes idmap config MYDOMAINAD : unix_primary_group = yes
Best Regards,
Ed
Yes, those people were right. You need either winbind or sssd as both do essentially the same thing. But if I were you, I would rip out winbind and replace it by sssd. Ondrej
________________________________________ From: Edouard Guigné [eguigne@pasteur-cayenne.fr] Sent: Friday, May 04, 2018 6:07 PM To: sssd-users@lists.fedorahosted.org Subject: [SSSD-users] Is SSSD needed with samba winbind - centos 7 ?
Hello Dear SSSD Users,
I recently configured a Samba share on a centos 7 linux as server member of a Active Directory domain.
I installed Kerberos, SSSD, and add Winbind for Samba. I used Winbind for mapping posix attributes (RFC2307) added on the AD
and I need SSSD to allow authentication with sFtp, to enable access to files updates from an other system...
Some people tell me Samba needs only Winbind or only SSSD to work with AD.
I noticed that SSSD was needed to retrieve secondary GUID on my samba share. By example, to update a list of secondary GUID (add 601 GUID on AD for a user), I do the following commands on the linux server : # sss_cache -E # id -G username 513 600 627 615 617 580 584 626 629 595 564 601 Then it is updated on the Windows client.
Can someone know if SSSD is requiered with Winbind in that case ? Or did I not well configured Winbind to retrieve secondary GUID ?
my smb.conf : winbind nss info = rfc2307 idmap config MYDOMAINAD : backend = ad idmap config MYDOMAINAD : schema_mode = rfc2307 idmap config MYDOMAINAD : range = 1-14999 idmap config MYDOMAINAD : unix_nss_info = yes idmap config MYDOMAINAD : unix_primary_group = yes
Best Regards,
Ed _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org = -----
The information contained in this e-mail and in any attachments is confidential and is designated solely for the attention of the intended recipient(s). If you are not an intended recipient, you must not use, disclose, copy, distribute or retain this e-mail or any part thereof. If you have received this e-mail in error, please notify the sender by return e-mail and delete all copies of this e-mail from your computer system(s). Please direct any additional queries to: communications@s3group.com. Thank You. Silicon and Software Systems Limited (S3 Group). Registered in Ireland no. 378073. Registered Office: South County Business Park, Leopardstown, Dublin 18.
sssd-users@lists.fedorahosted.org