diff --git a/sssd.spec b/sssd.spec
index 3e9efdb..90ed7c6 100644
--- a/sssd.spec
+++ b/sssd.spec
@@ -31,16 +31,16 @@ Source3:        baselibs.conf
 Patch1:         sssd-ldflags.diff
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
-%define servicename sssd
-%define sssdstatedir %_localstatedir/lib/sss
-%define dbpath %sssdstatedir/db
-%define pipepath %sssdstatedir/pipes
-%define pubconfpath %sssdstatedir/pubconf
+%define servicename	sssd
+%define sssdstatedir	%_localstatedir/lib/sss
+%define dbpath		%sssdstatedir/db
+%define pipepath	%sssdstatedir/pipes
+%define pubconfpath	%sssdstatedir/pubconf
 
-# SLES11 doesn't know the python_* macros
 %if %suse_version <= 1110
-%define python_sitelib %py_sitedir
-%define python_sitearch %py_sitedir
+# SLES11 doesn't know the python_* macros
+%define python_sitelib	%py_sitedir
+%define python_sitearch	%py_sitedir
 %endif
 
 BuildRequires:  autoconf >= 2.59
@@ -105,6 +105,7 @@ BuildRequires:  systemd
 %if %suse_version >= 1230
 BuildRequires:  gpg-offline
 %endif
+Requires:       sssd-ldap = %version-%release
 Requires(postun): pam-config
 
 %description
@@ -114,15 +115,67 @@ the system and a pluggable backend system to connect to multiple different
 account sources. It is also the basis to provide client auditing and policy
 services for projects like FreeIPA.
 
-%package ipa-provider
-Summary:        FreeIPA provider plugin for sssd
-License:        GPL-3.0+ and LGPL-3.0+
+%package ad
+Summary:        The ActiveDirectory backend plugin for sssd
+License:        GPL-3.0+
 Group:          System/Daemons
-Requires:       sssd = %version
+Requires:       %name-krb5-common = %version
 
-%description ipa-provider
-This package provide the FreeIPA provider plugin for the System Security
-Services Daemon (sssd).
+%description ad
+Provides the Active Directory back end that the SSSD can utilize to
+fetch identity data from and authenticate against an Active Directory
+server.
+
+%package ipa
+Summary:        FreeIPA backend plugin for sssd
+License:        GPL-3.0+
+Group:          System/Daemons
+Requires:       %name = %version
+Requires:       %name-krb5-common = %version-%release
+Obsoletes:      %name-ipa-provider < %version-%release
+Provides:       %name-ipa-provider = %version-%release
+
+%description ipa
+Provides the IPA back end that the SSSD can utilize to fetch identity
+data from and authenticate against an IPA server.
+
+%package krb5
+Summary:        The Kerberos authentication backend plugin for sssd
+License:        GPL-3.0+
+Group:          System/Daemons
+Requires:       %name-krb5-common = %version-%release
+
+%description krb5
+Provides the Kerberos back end that the SSSD can utilize authenticate
+against a Kerberos server.
+
+%package krb5-common
+Summary:        SSSD helpers needed for Kerberos and GSSAPI authentication
+License:        GPL-3.0+
+Group:          System/Daemons
+
+%description krb5-common
+Provides helper processes that the LDAP and Kerberos back ends can
+use for Kerberos user or host authentication.
+
+%package ldap
+Summary:        The LDAP backend plugin for sssd
+License:        GPL-3.0+
+Group:          System/Daemons
+Requires:       %name-krb5-common = %version-%release
+
+%description ldap
+Provides the LDAP back end that the SSSD can utilize to fetch
+identity data from and authenticate against an LDAP server.
+
+%package proxy
+Summary:        The proxy backend plugin for sssd
+License:        GPL-3.0+
+Group:          System/Daemons
+
+%description proxy
+Provides the proxy back end which can be used to wrap an existing NSS
+and/or PAM modules to leverage SSSD caching.
 
 %package tools
 Summary:        Commandline tools for sssd
@@ -201,7 +254,7 @@ A utility library to allow communication between sudo and SSSD.
 
 %package -n python-ipa_hbac
 Summary:        Python bindings for the FreeIPA HBAC Evaluator library
-License:        GPL-3.0+ and LGPL-3.0+
+License:        LGPL-3.0+
 Group:          Development/Libraries/Python
 %py_requires
 
@@ -209,6 +262,16 @@ Group:          Development/Libraries/Python
 The python-ipa_hbac package contains the bindings so that libipa_hbac
 can be used by Python applications.
 
+%package -n python-sss_nss_idmap
+Summary:        Python bindings for libsss_nss_idmap
+License:        LGPL-3.0+
+Group:          Development/Libraries/Python
+%py_requires
+
+%description -n python-sss_nss_idmap
+The libsss_nss_idmap-python contains the bindings so that
+libsss_nss_idmap can be used by Python applications.
+
 %package -n python-sssd-config
 Summary:        Python API for configuring sssd
 License:        GPL-3.0+ and LGPL-3.0+
@@ -264,12 +327,14 @@ install -d "$b/%_mandir"/{cs,cs/man8,nl,nl/man8,pt,pt/man8,uk,uk/man1} \
            "$b/%_mandir"/{uk/man5,uk/man8};
 install -d "$b/%_sysconfdir/sssd";
 install -m600 src/examples/sssd-example.conf "$b/%_sysconfdir/sssd/sssd.conf";
-install src/sysv/SUSE/sssd "$b/%_sysconfdir/init.d/sssd";
 %if 0%{?_unitdir:1}
 install -d "$b/%_unitdir";
 install src/sysv/systemd/sssd.service "$b/%_unitdir/sssd.service";
+rm -Rf "$b/%_initddir"
+%else
+install src/sysv/SUSE/sssd "$b/%_sysconfdir/init.d/sssd";
+ln -sf ../../etc/init.d/sssd "$b/usr/sbin/rcsssd"
 %endif
-ln -sf ../../etc/init.d/sssd $b/usr/sbin/rcsssd
 
 find "$b" -type f -name "*.la" -delete;
 
@@ -313,69 +378,128 @@ fi;
 %postun -n libipa_hbac0 -p /sbin/ldconfig
 %post   -n libsss_idmap0 -p /sbin/ldconfig
 %postun -n libsss_idmap0 -p /sbin/ldconfig
+%post   -n libsss_nss_idmap0 -p /sbin/ldconfig
+%postun -n libsss_nss_idmap0 -p /sbin/ldconfig
 
 %files -f sssd.lang
 %defattr(-,root,root)
 %doc COPYING
-%_initrddir/%name
 %if 0%{?_unitdir:1}
 %_unitdir
+%else
+%_initrddir/%name
+%_sbindir/rcsssd
 %endif
 %_bindir/sss_ssh_*
 %_sbindir/sssd
-%_sbindir/rcsssd
-%dir %_libdir/%name
-%dir %_libexecdir/%name
-%dir %_mandir/cs
-%dir %_mandir/cs/man8
-%dir %_mandir/nl
-%dir %_mandir/nl/man8
-%dir %_mandir/pt
-%dir %_mandir/pt/man8
-%dir %_mandir/uk
-%dir %_mandir/uk/man1
-%dir %_mandir/uk/man5
-%dir %_mandir/uk/man8
-%_mandir/??/man?/*
+%dir %_mandir/??/
+%dir %_mandir/??/man?/
+%_mandir/??/man1/sss_ssh_*
+%_mandir/??/man5/sssd-simple.5*
+%_mandir/??/man5/sssd-sudo.5*
+%_mandir/??/man5/sssd.conf.5*
+%_mandir/??/man8/sssd.8*
 %_mandir/man1/sss_ssh_*
-%_mandir/man5/sssd-ad.5*
-%_mandir/man5/sssd-krb5.5*
-%_mandir/man5/sssd-ldap.5*
 %_mandir/man5/sssd-simple.5*
 %_mandir/man5/sssd-sudo.5*
+%_mandir/man5/sssd.conf.5*
 %_mandir/man8/sssd.8*
-%_mandir/man5/sssd.conf.5.gz
-%_libexecdir/%name/sss*
-%_libexecdir/%name/*_child
-%_libdir/%name/libsss_ad.so
+%dir %_libdir/%name/
 %_libdir/%name/libsss_child*
 %_libdir/%name/libsss_crypt*
 %_libdir/%name/libsss_debug*
-%_libdir/%name/libsss_krb5*
-%_libdir/%name/libsss_ldap*
-%_libdir/%name/libsss_proxy*
 %_libdir/%name/libsss_simple*
 %_libdir/%name/libsss_util*
-%_libdir/%name/modules
+%_libdir/%name/modules/
+%dir %_libdir/ldb/
 %_libdir/ldb/memberof.so
+%dir %_libexecdir/%name/
+%_libexecdir/%name/sssd_*
 %dir %sssdstatedir
-%attr(700,root,root) %dir %dbpath
-%attr(755,root,root) %dir %pipepath
-%attr(700,root,root) %dir %pipepath/private
-%attr(755,root,root) %dir %pubconfpath
-%attr(750,root,root) %dir %_localstatedir/log/%name
-%dir %_sysconfdir/sssd
+%attr(700,root,root) %dir %dbpath/
+%attr(755,root,root) %dir %pipepath/
+%attr(700,root,root) %dir %pipepath/private/
+%attr(755,root,root) %dir %pubconfpath/
+%attr(750,root,root) %dir %_localstatedir/log/%name/
+%dir %_sysconfdir/sssd/
 %config(noreplace) %_sysconfdir/sssd/sssd.conf
-%_datadir/sssd/
-%exclude %_datadir/sssd/sssd.api.d/sssd-ipa.conf
+%dir %_datadir/%name/
+%_datadir/%name/sssd.api.conf
+%dir %_datadir/%name/sssd.api.d/
+%_datadir/%name/sssd.api.d/sssd-local.conf
+%_datadir/%name/sssd.api.d/sssd-simple.conf
 #
-# client side
+# sssd-client
 #
 /%_lib/libnss_sss.so.2
 /%_lib/security/pam_sss.so
 %_libdir/krb5/plugins/libkrb5/*
-%_mandir/man8/pam_sss.8.gz
-%_mandir/man8/sssd_krb5_locator_plugin.8.gz
+%_mandir/??/man8/pam_sss.8*
+%_mandir/??/man8/sssd_krb5_locator_plugin.8*
+%_mandir/man8/pam_sss.8*
+%_mandir/man8/sssd_krb5_locator_plugin.8*
+
+%files ad
+%defattr(-,root,root)
+%dir %_libdir/%name/
+%_libdir/%name/libsss_ad.so
+%dir %_datadir/%name/
+%dir %_datadir/%name/sssd.api.d/
+%_datadir/%name/sssd.api.d/sssd-ad.conf
+%dir %_mandir/??/man5/
+%_mandir/man5/sssd-ad.5*
+%_mandir/??/man5/sssd-ad.5*
+
+%files ipa
+%defattr(-,root,root)
+%dir %_libdir/%name/
+%_libdir/%name/libsss_ipa*
+%dir %_datadir/%name/
+%dir %_datadir/%name/sssd.api.d
+%_datadir/%name/sssd.api.d/sssd-ipa.conf
+%dir %_mandir/??/man5/
+%_mandir/man5/sssd-ipa.5*
+%_mandir/??/man5/sssd-ipa.5*
+
+%files krb5
+%defattr(-,root,root)
+%dir %_libdir/%name/
+%_libdir/%name/libsss_krb5.so
+%dir %_datadir/%name/
+%dir %_datadir/%name/sssd.api.d/
+%_datadir/%name/sssd.api.d/sssd-krb5.conf
+%dir %_mandir/??/man5/
+%_mandir/man5/sssd-krb5.5*
+%_mandir/??/man5/sssd-krb5.5*
+
+%files krb5-common
+%defattr(-,root,root)
+%dir %_libdir/%name/
+%_libdir/%name/libsss_krb5_common.so
+%dir %_libexecdir/%name/
+%_libexecdir/%name/krb5_child
+%_libexecdir/%name/ldap_child
+
+%files ldap
+%defattr(-,root,root)
+%dir %_libdir/%name/
+%_libdir/%name/libsss_ldap*
+%dir %_datadir/%name/
+%dir %_datadir/%name/sssd.api.d/
+%_datadir/%name/sssd.api.d/sssd-ldap.conf
+%dir %_mandir/??/man5/
+%_mandir/??/man5/sssd-ldap.5*
+%_mandir/man5/sssd-ldap.5*
+
+%files proxy
+%defattr(-,root,root)
+%dir %_libdir/%name/
+%_libdir/%name/libsss_proxy.so
+%dir %_libexecdir/%name/
+%_libexecdir/%name/proxy_child
+%dir %_datadir/%name/
+%dir %_datadir/%name/sssd.api.d/
+%_datadir/%name/sssd.api.d/sssd-proxy.conf
 
 %files tools
 %defattr(-,root,root)
@@ -386,30 +510,13 @@ fi;
 %_sbindir/sss_groupmod
 %_sbindir/sss_groupshow
 %_sbindir/sss_seed
+%_sbindir/sss_obfuscate
 %_sbindir/sss_useradd
 %_sbindir/sss_userdel
 %_sbindir/sss_usermod
-%_mandir/man8/sss_groupadd.8*
-%_mandir/man8/sss_groupdel.8*
-%_mandir/man8/sss_groupmod.8*
-%_mandir/man8/sss_groupshow.8*
-%_mandir/man8/sss_seed.8*
-%_mandir/man8/sss_useradd.8*
-%_mandir/man8/sss_userdel.8*
-%_mandir/man8/sss_usermod.8*
-%_mandir/man8/sss_obfuscate.8*
-%_mandir/man8/sss_cache.8*
-%_mandir/man8/sss_debuglevel.8*
-%attr(0755,root,root) %_sbindir/sss_obfuscate
-
-%files ipa-provider
-%defattr(-,root,root)
-%dir %_datadir/sssd
-%dir %_datadir/sssd/sssd.api.d
-%_datadir/sssd/sssd.api.d/sssd-ipa.conf
-%dir %_libdir/sssd/
-%_libdir/sssd/libsss_ipa*
-%_mandir/man5/sssd-ipa.*
+%dir %_mandir/??/man8/
+%_mandir/??/man8/sss_*.8*
+%_mandir/man8/sss_*.8*
 
 %files -n libipa_hbac0
 %defattr(-,root,root)
@@ -447,8 +554,14 @@ fi;
 
 %files -n python-ipa_hbac
 %defattr(-,root,root)
+%dir %python_sitearch
 %python_sitearch/pyhbac.so
 
+%files -n python-sss_nss_idmap
+%defattr(-,root,root)
+%dir %python_sitearch
+%python_sitearch/pysss_nss_idmap.so
+
 %files -n python-sssd-config
 %defattr(-,root,root)
 %python_sitearch/pysss.so