Hi there, I am considering to set up a smb2 server intended for certain windows machines and macs that are not member of the kerberos realm and hence not single sign-on enabled (read: guest machines).
The server for the smb service runs a fresh Fedora 20 and is also holding an ipa replica. Let me strees that I don't need a domain controller nor the synchronization to one, just a way to allow samba to lookup and authenticate against credentials provided by freeipa. This is just a pet project in a non-production environment (home). I searched around a bit and found a number of guides and mailing list posts, e.g. https://email@example.com/msg04928.html However, information tends to be scarce, scattered, and incomplete. Since most of it is rather old, I worry that it is horribly outdated. Today, how would I go about this? Is this configuration at all supported? Do I get samba 3 or samba 4 for that job? Do I use ldapsam as passdb backend? Do I need to extend the schema? Which attributes/objectclasses do users and groups have to have in order to work with samba? Do they have to be converted to posix objects? What is ipa-sam? Is there any documentation for ipa-sam? I'm not requesting a full step-by-step tutorial here, I just hope someone can point me in the right direction. Best, Torsten _______________________________________________ Freeipa-users mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-users