Hi there,

I am considering to set up a smb2 server intended for certain windows machines 
and macs that are not member of the kerberos realm and hence not single sign-on 
enabled (read: guest machines).

The server for the smb service runs a fresh Fedora 20 and is also holding an 
ipa replica.

Let me strees that I don't need a domain controller nor the synchronization to 
one, just a way to allow samba to lookup and authenticate against credentials 
provided by freeipa. This is just a pet project in a non-production environment 
(home).

I searched around a bit and found a number of guides and mailing list posts, 
e.g.
https://www.mail-archive.com/freeipa-users@redhat.com/msg04928.html
However, information tends to be scarce, scattered, and incomplete. Since most 
of it is rather old, I worry that it is horribly outdated.

Today, how would I go about this?
Is this configuration at all supported?
Do I get samba 3 or samba 4 for that job?
Do I use ldapsam as passdb backend?
Do I need to extend the schema?
Which attributes/objectclasses do users and groups have to have in order to 
work with samba?
Do they have to be converted to posix objects?
What is ipa-sam? Is there any documentation for ipa-sam?

I'm not requesting a full step-by-step tutorial here, I just hope someone can 
point me in the right direction.

Best,
Torsten


_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to