[prev in list] [next in list] [prev in thread] [next in thread] 

List:       sssd-users
Subject:    =?utf-8?q?=5BSSSD-users=5D?= Getting cifs.idmap working on Debian
From:       "Dave Hope" <dave () hope ! mx>
Date:       2019-03-11 18:26:34
Message-ID: 20190311182634.25621.88951 () mailman01 ! phx2 ! fedoraproject ! org
[Download RAW message or body]

Good day,

I am trying to use SSSD with cifsacls for an CIFS mount on Debian Buster with SSSD \
1.16.

The system I'm testing with is joined to an AD domain. I can log-in with domain \
credentials and check domain users with "id" or "getent passed" etc.

A CIFS share is mounted as follows, with /usr/local/etc/whisper.credentials \
containing an account in the local SAM database on REMOTESERVER.

mount -t cifs //REMOTESERVER/SHARE /mnt/test -o \
credentials=/usr/local/etc/whisper.credentials,noperm,cifsacl -v

getcifsacl returns the SID's, but does not resolve to names.

My assumption is therefore that cifs.idmap is not making use of the SSSD \
functionality. 

libwbclient.so is installed \
(/usr/lib/x86_64-linux-gnu/sssd/modules/libwbclient.so.0.14.0) and has exports such \
as wbcLookupName. I can't spot an elf library with calls such as \
cifs_idmap_init_plugin.

/etc/request-key.conf has:
create  cifs.spnego     *       *               /usr/sbin/cifs.upcall -c %k
create  dns_resolver    *       *               /usr/sbin/cifs.upcall %k

Debian's update-alternatives lists ipmap-plugin, but does not provide any \
alternatives to idmapwb.so provided by cifs-utils.

sssd is configured with id_provider = ad , ldap_id_mappinng = True , \
use_fully_qualified_names = True

winbind / samba is not installed.

Would someone mind providing guidance on how best to proceed in troubleshooting the \
issue? _______________________________________________
sssd-users mailing list -- sssd-users@lists.fedorahosted.org
To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org



[prev in list] [next in list] [prev in thread] [next in thread]