On 10/29/2014 05:01 PM, Loris Santamaria wrote:
Would by any chance you be able to create a HowTo solution on the
Seems like it would be a simple cut&paste from couple mails. Thanks in
El mié, 29-10-2014 a las 21:40 +0100, John Obaterspok escribió:
I've tried this as well. My IPA is not connected to an AD. My smb.conf
looks almost the same. The differences are:
- I got the default workgroup set (MY or something)
- No FILE:/ prefix for keytab file
I had the samba and ipserver on the same box so I just had to add the
cifs server and get keytab file in the same way.
I was a bit surprised to see that accessing samba using "smbclient -k
\\..." worked right away from a linux box. Then stopped working if I
But, I never got it to work from Windows. The Windows PC is not joined
to any AD, it uses MIT Kerb client 4.0.1 and I successfully get tickes
and can sshlogin via putty without password.
Any ideas on how to get this going from Windows as well?
I guess you should prepare the ipa server for a windows domain trust
(even if you won't setup any trust with an ad domain), with
ipa-adtrust-install. Beware that it will overwrite your smb.conf.
With that configuration and the steps described in
will be able to use the native windows kerberos libraries and you should be
able to open a samba share with your kerberos credentials.
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project