what is the best practice to authenticate samba file sharing with freeipa as 
auth service. 
Either version 3 or 4 of samba is fine, as we are looking for this only for 
filesharing and not 
domain service. 
Our ipa service is hosted on CentOS 6.5. 
The samba service is preferred to be hosted on Ubuntu Precise (12.04), later 
the new LTS. 

Found 3 methods, but all seem to have their issues. 

    1. LDAP, ldapsam passdb backend. -> needs ldap schema modification to 
include fields (sambaSAMAccount, sambaGroupMapping, samabaSID) and have IPA 
populate those with dna plugin 
    2. IPA, ipasam passdb backend -> did not find a working version from 
ipasam.so for ubuntu, mostly i did not find any 
    3. KRB, keytab -> seemed a bit messy, also needs ldap schema modification 

Sándor Juhász 
System Administrator 
ChemAxon Ltd . 
Building Hx, GraphiSoft Park, Záhony utca 7, Budapest, Hungary, H-1031 

Freeipa-users mailing list

Reply via email to