samba-4.13.3-5.el8_4 works for my setup. Next versions dont work, all good for linux clients, but windows clients dont have accsess to shares. I'll get more information and ask new question.
----------------
Кому: FreeIPA users list (freeipa-users@lists.fedorahosted.org);
Тема: [Freeipa-users] Undestnding IPA and Samba connections;
17.06.2025, 22:44, "Rafael Jeffman" <rjeff...@redhat.com>:
Hello,
On Tue, Jun 17, 2025 at 7:13 AM Николай Савельев via FreeIPA-users <freeipa-users@lists.fedorahosted.org> wrote:
>
>
> Sorry, i cant understand one moment in RHEL documentation.
> https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/configuring_and_using_network_file_services/assembly_using-samba-as-a-server_configuring-and-using-network-file-services#setting-up-samba-on-an-idm-domain-member_assembly_using-samba-as-a-server
>
> Important
> Using Samba on an IdM domain member is an unsupported Technology Preview feature and contains certain limitations. For example, IdM trust controllers do not support the Active Directory Global Catalog service, and they do not support resolving IdM groups using the Distributed Computing Environment / Remote Procedure Calls (DCE/RPC) protocols. As a consequence, AD users can only access Samba shares and printers hosted on IdM clients when logged in to other IdM clients; AD users logged into a Windows machine can not access Samba shares hosted on an IdM domain member.
>
> Customers deploying Samba on IdM domain members are encouraged to provide feedback to Red Hat.
>
>
> How can i share files on my linux server for users in IPA domain and AD domain at tha same time?
> I did this with IPA on centos 7, but cant with newes version?>Unsupported is not "non-working", it means you are mostlyon your own if you do so, and there's not much your paidRed Hat support can do for you. As stated, if you do so, theproject would like to hear feedback on your setup, what wentfine, what went wrong, what could be improved. (But that'smine reading of the note.)Other than that, if you can work with the current limitation,things should work similarly to what you had before, but Istrongly suggest some testing on your environment.Rafael> --
> С уважением, Николай.
>
> --
> _______________________________________________
> FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
> To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
> Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
> Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
--
Rafael Guterres Jeffman
Senior Software Engineer
FreeIPA - Red Hat
--
С уважением, Николай.
С уважением, Николай.
-- _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
