Hi Attila,

Attila Bogár wrote:
> I would like to deploy an integrated Samba4 / FreeIPA environment.
> I would like to enquire, what's the current status of FreeIPA 1.9.0.pre4 and 
> Samba4 integration.

The integration plan that I was involved with was between IPA v3 and Samba 4. 
But this plan has
been deferred in favor of an alternative design using Samba 3.

> I've tried http://freeipa.org/page/Samba_4_Configuration a month ago, though 
> the ldap provision
> didn't seem to work. I've even raised a bug at Samba 
> https://bugzilla.samba.org/show_bug.cgi?id=7530
> - which is still open.

Yes, this is taking too long to resolve. Unfortunately the last time I tested 
this there
was a problem in Samba 4 that was affecting other LDAP backends as well, not 
just specific
to 389 DS. Samba 4 code is changing a lot so it's rather difficult for me to 
keep up with
the changes especially if it happens in the core code. I plan to continue the 
as soon as I get the chance.

I'll let the others respond to the following questions:

> If the Fedora-DS backed Samba4 isn't ready for production at this time,
> I would be interested in the pro/contra views of
> - deploying a separate Samba4 instance with filesystem backend
> - writing a password syncing plugin for Samba4 vs. 389-ds
>    based on the docs at http://directory.fedoraproject.org/wiki/Plugins
> - other paths achieving integration?


Endi S. Dewata

Freeipa-users mailing list

Reply via email to