Steve, thanks a lot, I finally got sssd (version 1.8.4) on debian wheezy working with samba 4 (Version 4.0.8-SerNet-Debian-5.wheezy)!
But one last question regarding unix attributes in the AD stays: I noticed that uidnumber/gid... is not written back to the active directory when creating a user or group. I set "idmap_ldb:use rfc2307 = yes" in my smb.conf, but it seems that samba-tool is ignoring this. Is this a bug? At http://linuxcostablanca.blogspot.com.es/2013/04/sssd-in-samba-40.html I see a script that wraps around the "samba-tool" when creating a user. After creating it asks winbind for uid/gid and writes these information back to AD. This seems fine as workaround but it would be nice if samba-tool does this out-of-the-box or? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba