In a previous post, I compared the features and capabilities of Samba winbind and SSSD. In this post, I will focus on formulating a set of criteria for how to choose between SSSD and winbind. In general, my recommendation is to choose SSSD... but there are some notable exceptions.
- The first exception is if you have a deployment of Linux systems that are already leveraging Samba winbind for integration purposes. While, in this scenario, it might be cost prohibitive to switch to SSSD – you might eventually consider switching off Samba winbind due to changing / shifting requirements. In such cases we recommend engaging with a Red Hat representative to receive an overview of the latest integration capabilities (...as SSSD and IdM technologies are actively being developed – each incorporating additional features and capabilities over time).
- The second exception is if you use Active Directory (AD) with the NTLM protocol enabled and fallback to NTLM authentication is still a requirement for your environment. In this scenario, winbind is a better choice as SSSD does not support the NTLM protocol.
- The third exception is if SSSD fails to support a specific feature that you require (i.e. one that winbind supports); indeed, not all use cases are addressed in the same way between SSSD and winbind. For example, SSSD does not support cross forest AD trusts when connected directly to AD (and winbind does). However, in this example, the work around is to use IdM. Being connected to IdM, SSSD recognizes other AD forests that are in trust relationships with the IdM domain. Irrespective, if there are specific features that you require, ones
that SSSD fails to support, we’d be very interested to hear more about your needs.
Is Samba winbind
deprecated? The answer is most certainly: no. The reality is that there’s currently a shift in emphasis from one technology to another and, as always, Red Hat is committed to supporting features and components that are (already) widely adopted and deployed while also making sure we provide support for new deployments to select the best available option. Have you shifted from Samba winbind to SSSD? If not, what’s holding you back? Let me know what you think in the comments section below.
Sull'autore
Ricerca per canale
Automazione
Novità sull'automazione IT di tecnologie, team e ambienti
Intelligenza artificiale
Aggiornamenti sulle piattaforme che consentono alle aziende di eseguire carichi di lavoro IA ovunque
Hybrid cloud open source
Scopri come affrontare il futuro in modo più agile grazie al cloud ibrido
Sicurezza
Le ultime novità sulle nostre soluzioni per ridurre i rischi nelle tecnologie e negli ambienti
Edge computing
Aggiornamenti sulle piattaforme che semplificano l'operatività edge
Infrastruttura
Le ultime novità sulla piattaforma Linux aziendale leader a livello mondiale
Applicazioni
Approfondimenti sulle nostre soluzioni alle sfide applicative più difficili
Virtualizzazione
Il futuro della virtualizzazione negli ambienti aziendali per i carichi di lavoro on premise o nel cloud