El mié, 29-10-2014 a las 20:49 -0400, Dmitri Pal escribió: > On 10/29/2014 05:01 PM, Loris Santamaria wrote: > > > El mié, 29-10-2014 a las 21:40 +0100, John Obaterspok escribió: > > > Hello, > > > > > > > > > I've tried this as well. My IPA is not connected to an AD. My smb.conf > > > looks almost the same. The differences are: > > > - I got the default workgroup set (MY or something) > > > - No FILE:/ prefix for keytab file > > > > > > > > > I had the samba and ipserver on the same box so I just had to add the > > > cifs server and get keytab file in the same way. > > > I was a bit surprised to see that accessing samba using "smbclient -k > > > \\..." worked right away from a linux box. Then stopped working if I > > > did kdestroy. > > > > > > > > > But, I never got it to work from Windows. The Windows PC is not joined > > > to any AD, it uses MIT Kerb client 4.0.1 and I successfully get tickes > > > and can sshlogin via putty without password. > > > > > > > > > Any ideas on how to get this going from Windows as well? > > I guess you should prepare the ipa server for a windows domain trust > > (even if you won't setup any trust with an ad domain), with > > ipa-adtrust-install. Beware that it will overwrite your smb.conf. > > > > With that configuration and the steps described in > > http://www.redhat.com/archives/freeipa-users/2013-September/msg00226.html > > you will be able to use the native windows kerberos libraries and you > > should be able to open a samba share with your kerberos credentials. > > > > Best regards > > > > > > > > > Would by any chance you be able to create a HowTo solution on the > FreeIPA wiki? > Seems like it would be a simple cut&paste from couple mails. Thanks in > advance!
Here it is: http://www.freeipa.org/page/Howto/Integrating_a_Samba_File_Server_With_IPA Best regards -- Loris Santamaria linux user #70506 xmpp:[email protected] Links Global Services, C.A. http://www.lgs.com.ve Tel: 0286 952.06.87 Cel: 0414 095.00.10 sip:[email protected] ------------------------------------------------------------ "If I'd asked my customers what they wanted, they'd have said a faster horse" - Henry Ford
smime.p7s
Description: S/MIME cryptographic signature
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
