Hello, I need some help with getting Samba and FreeIPA working together.
I’ve been following the guide at http://techslaves.org/2011/08/24/freeipa-and-samba-3-integration but that seems quite out of date for IPAv3 and I need some help: 1. The guide deals with setting a Samba server SID for one Samba server, but as we have multiple stand-alone Samba3 servers, which SID do I use to create the DNA plugin? Can I enter more than 1 SID? Can I have more than 1 plugin (seems unlikely)? 2. There’s no “/usr/share/ipa/ui/group.js” file to patch in IPAv3. What do I need to patch instead? I’ve seen ticket https://fedorahosted.org/freeipa/ticket/3999 , which shows the need is there but I could do with getting it working ASAP. I may be missing something obvious but some help would be greatly appreciated! Thanks, Dylan. Background: Brief: Need to expand from the current single-office-ish NIS/YP scheme to a multi-location/multi-national auth scheme which FreeIPA seems ideally suited for. Requirement: To continue to provide console/SSH and GUI/X logins to Linux hosts, access to home and project directories via NFS from the Linux machines using autofs/automount and access to Samba file-shares from Windows machines but not using AD creds as this is a totally separate environment. Several locations will each have a FreeIPA replica server, NFS/Samba fileserver and “application” server. Currently use 2 passwords for each user – one for NIS, one for Samba – and need to consolidate to one password for everything. Progress: Linux-based NFS stuff working fine – automount of home and project directories all OK. Currently using Fedora 20 & CentOS 6.5 VMs as a prototyping environment but will probably use RHEL/CentOS 7 when available for production. FreeIPA versions 3.0.0 on CentOS 6.5 and 3.3.5 on Fedora 20. _______________________________________________ Freeipa-users mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-users