On 21-10-2022 16:10, Alexander Bokovoy wrote:
On pe, 21 loka 2022, Kees Bakker via FreeIPA-users wrote:
It turns out to be caused by missing SELinux permissions. As soon as I
set selinux to permissive it started to work.
Now, I've solved a few fcontext issues. samba-dcerpcd does not crash anymore.
Still there are more things blocked by selinux, which I'm investigatign right
now.
I think this was fixed with
https://bugzilla.redhat.com/show_bug.cgi?id=2096521 in Fedora and CentOS
9 Stream.
Coming back to your original task. You should not use ipasam outside of
IPA trust controllers at all. Instead, please follow the RHEL IdM guide
which literally wants you to install ipa-client-samba package and run
ipa-client-samba installer to generate proper configuration for a Samba
server on IPA client. Have you tried that?
No, I didn't know that was necessary.
I am linking to RHEL IdM in RHEL 8 guide because RHEL 9 guides are not
fully published yet. It is the same story there:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_and_managing_identity_management/setting-up-samba-on-an-idm-domain-member_configuring-and-managing-idm
Thanks for the pointer.
I've done ipa-client-samba. To make it run I had to delete the already existing
cifs/ service for
this host. It was created at the time in CentOS7.
Things aren't working yet. I'm now seeing NT_STATUS_NO_MEMORY errors in the
samba
logs for the connecting windows client.
Oh, and selinux is still "permissive" so that can't be a problem (yet).
--
Kees
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
