Hi Christoph have you seen this earlier thread? https://www.redhat.com/archives/freeipa-users/2015-May/msg00124.html
I guess as that solution adds some custom fields it would break your requirement "no schema extensions"., but meet the requirement "user authenticates with password". mfg Chris From: Christoph Kaminski <christoph.kamin...@biotronik.com> To: FreeIPA <freeipa-users@redhat.com> Date: 03.07.2015 12:26 Subject: [Freeipa-users] samba vs ipa without kerberos Sent by: freeipa-users-boun...@redhat.com Hi it is possible (without extra patch/schema extension) to use samba shares without kerberos? Possibly is there something like a auth proxy for it? I mean the user authenticates with a password and the proxy checks it securly against ipa... any howtos/docs/ideas? (have ipa 4.1 and samba 4.1.12 here) Greetz Christoph Kaminski -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project