In a previous post, I compared the features and capabilities of Samba winbind and SSSD. In this post, I will focus on formulating a set of criteria for how to choose between SSSD and winbind. In general, my recommendation is to choose SSSD... but there are some notable exceptions.
- The first exception is if you have a deployment of Linux systems that are already leveraging Samba winbind for integration purposes. While, in this scenario, it might be cost prohibitive to switch to SSSD – you might eventually consider switching off Samba winbind due to changing / shifting requirements. In such cases we recommend engaging with a Red Hat representative to receive an overview of the latest integration capabilities (...as SSSD and IdM technologies are actively being developed – each incorporating additional features and capabilities over time).
- The second exception is if you use Active Directory (AD) with the NTLM protocol enabled and fallback to NTLM authentication is still a requirement for your environment. In this scenario, winbind is a better choice as SSSD does not support the NTLM protocol.
- The third exception is if SSSD fails to support a specific feature that you require (i.e. one that winbind supports); indeed, not all use cases are addressed in the same way between SSSD and winbind. For example, SSSD does not support cross forest AD trusts when connected directly to AD (and winbind does). However, in this example, the work around is to use IdM. Being connected to IdM, SSSD recognizes other AD forests that are in trust relationships with the IdM domain. Irrespective, if there are specific features that you require, ones
that SSSD fails to support, we’d be very interested to hear more about your needs.
Is Samba winbind
deprecated? The answer is most certainly: no. The reality is that there’s currently a shift in emphasis from one technology to another and, as always, Red Hat is committed to supporting features and components that are (already) widely adopted and deployed while also making sure we provide support for new deployments to select the best available option. Have you shifted from Samba winbind to SSSD? If not, what’s holding you back? Let me know what you think in the comments section below.
About the author
Browse by channel
Automation
The latest on IT automation that spans tech, teams, and environments
Artificial intelligence
Explore the platforms and partners building a faster path for AI
Open hybrid cloud
Explore how we build a more flexible future with hybrid cloud
Security
Explore how we reduce risks across environments and technologies
Edge computing
Updates on the solutions that simplify infrastructure at the edge
Infrastructure
Stay up to date on the world’s leading enterprise Linux platform
Applications
The latest on our solutions to the toughest application challenges
Original shows
Entertaining stories from the makers and leaders in enterprise tech
Products
- Red Hat Enterprise Linux
- Red Hat OpenShift
- Red Hat Ansible Automation Platform
- Cloud services
- See all products
Tools
- Training and certification
- My account
- Developer resources
- Customer support
- Red Hat value calculator
- Red Hat Ecosystem Catalog
- Find a partner
Try, buy, & sell
Communicate
About Red Hat
We’re the world’s leading provider of enterprise open source solutions—including Linux, cloud, container, and Kubernetes. We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.
Select a language
Red Hat legal and privacy links
- About Red Hat
- Jobs
- Events
- Locations
- Contact Red Hat
- Red Hat Blog
- Diversity, equity, and inclusion
- Cool Stuff Store
- Red Hat Summit