Reputation: 10818
What is the difference between samba and sssd?
In my ubuntu workstation I use /etc/samba/smb.conf and /etc/sssd/sssd.conf with /etc/krb5.conf in order to join active directory on a corporate network.
sudo service samba-ad-dc status
# inactive
sudo service sssd status
# active (running)
However I cannot yet tell what is the difference between samba and sssd. Can someone explain what are the differences between these two services and where do they overlap?
- Can sssd work even without samba. Does it directly read
smb.conf? - How do they depend to each other?
I have read the documentation, but I need a simpler explanation.
Upvotes: 0
Views: 744
Answers (1)
Reputation: 11
I am presuming you are trying to log in your workstation using the domain credentials. For that, you do not need samba. You just need set up the sssd.
I don't know which packages are necessary in an ubuntu box, but the packages needed for a Red Hat Enterprise Linux based are these:
realmd samba-common-tools krb5-workstation oddjob oddjob-mkhomedir adcli
To join in the domain the command is this one:
realm join --user=user_with_permission_to_add_computers_in_the_domain --computer-ou=OU="OU_to_add" domain_name.com
The configuration file, as you mentioned, is this:
/etc/sssd/sssd.conf
I find useful to add this options in the configuration file:
- access_provider = simple # This will allow you to control who can log in the computer using the simple_allow_groups below.
- use_fully_qualified_names = False # Allow you to log on using just the username, not the standard option username@domainname
- fallback_homedir = /home/%d/%u # Change the home directory to /home/domainname/username
- simple_allow_groups = groupname1, groupname2 # Domain groupnames allow you to limit the log on permission for just the members of the groups in this option.
To enable the service:
systemctl enable sssd
systemctl start sssd
Some useful commands:
To clear the cache:
sss_cache -E
To check if the workstation is member of a domain:
realm list
To check the status of the domain:
sssctl domain-status domainname
To leave the domain:
realm leave -U user_with_permission_to_add_computers_in_the_domain domainname
I hope you find this explanation useful.
Upvotes: 1
Related Questions
- What is the difference between XSD and WSDL?
- SSSD Integration with Microsoft AD for SSH Key based Login
- Difference between adfs and azure AD
- SSSD - LDAP group based access - ldap schema rfc2307bis
- Difference between System.DirectoryServices.ActiveDirectory and Microsoft.ActiveDirectory
- SSSD Authentication with Samba 4
- what is difference in UDDI, DISCO and WSDL?
- difference between SOAP and WSDL
- System.DirectoryServices vs system.directoryservices.accountmanagement
- What is the difference between building a WSDL in Eclipse and using WCF?