On Thu, Apr 10, 2014 at 04:44:20PM +0100, Rowland Penny wrote:
> On 10/04/14 15:20, Jakub Hrozek wrote:
>> Hi,
>>
>> our current HOWTO[1] on connecting SSSD to an AD DC is outdated,
>> mostly because the page still only introduces the LDAP provider. Recently, me,
>> Sumit and Jeremy Agee wrote a new page that specifically advises to use
>> the AD provider and also use realmd for setup:
>>
https://fedorahosted.org/sssd/wiki/Configuring_sssd_with_ad_server
>>
>> We started a new page and kept the old one around mostly because pre-1.9
>> versions still need the LDAP provider info.
>>
>> I'd like to get some review and feedback from our community so we can
>> link the wiki page from the front page or the documentation section. In
>> addition to the lists, I also CC-ed the individual contributors to the
>> original page directly..I hope that's fine.
>>
>> Thank you for your comments.
>>
>> [1]
>>
https://fedorahosted.org/sssd/wiki/Configuring%20sssd%20to%20authenticate...
>> _______________________________________________
>> sssd-users mailing list
>> sssd-users(a)lists.fedorahosted.org
>>
https://lists.fedorahosted.org/mailman/listinfo/sssd-users
> I have had a quick read through and it all seems ok apart from one
> thing, it seems to be based on the premise that there is only one AD
> server available, it doesn't mention the Samba 4 AD server at all
> and I can assure you that it does work with Samba 4.
>
> Rowland
Except where it doesn't because Samba 4 behaves differently from AD:
https://fedorahosted.org/sssd/ticket/2311
I'm not trying to bash Samba here, really, but the AD provider has so
far been tested only with real AD server. So what about saying something
along the lines of "AD compatible server implementations, notably Samba
4 are currently not tested by the SSSD upstream, although we would
accept any upstream bug reports from setups with a Samba 4 server".
On a side note, we're currently working on getting a Continuous Integration
setup up and running. It might be prudent to include a Samba 4 server in
the CI setup eventually (although probably not as a tier 1 priority) to
test against.
Thanks for bringing Samba 4 up and for reading through the HOWTO!
_______________________________________________
sssd-users mailing list
sssd-users(a)lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-users Hi again, well one step
forward and three backwards ;-)
I did have sssd in 'ad' mode working using the packages from Timo's ppa
on Ubuntu 12.04, Just moved to 14.04 (after they fixed their broken
samba packages) and ARRRRGHHH, you are right, sssd doesn't work any more.
Sigh, I will just have to wait until Ubuntu fix their 1.11.5 sssd packages.
Rowland