HI Detlev Yes we have it working with Samba 4.x and IPA 4.x, pretty much as described in the techslaves article. I did intend to write a "how-to", but 1000 other things took over ... I made some notes at the time, which I will try and dig out.
We did not use ipa-adtrust-install, so I can't comment on that. Chris From: Detlev Habicht <[email protected]> To: [email protected] Date: 16.06.2016 14:10 Subject: Re: [Freeipa-users] IPA, Samba and how can a Windows client access it Sent by: [email protected] Thank you, i found an old post from you with this smb.conf: security = user passdb backend = ldapsam:ldap://ldap.my.example.com ldap suffix = dc=my,dc=example,dc=com ldap admin dn = cn=Directory Manager ldap ssl = off Is this still working with Samba 4.x und IPA 4.x? I will try it soon. Will "ipa-adtrust-install --add-sids" do all the config i need for this? I think, your hint with techslaves is good, but not uptodate. Detlev P.S.: Yes, i want the same, this clients are not a member of a domain ... -- Detlev | Institut fuer Mikroelektronische Systeme Habicht | D-30167 Hannover +49 511 76219662 [email protected] --------+-------- Handy +49 172 5415752 --------------------------- Am 16.06.2016 um 12:52 schrieb Christopher Lamb < [email protected]>: Hi Detlev If I have understood you correctly, you want to let Windows users access Samba "shares" using their IPA username/passwords? If so it is possible. We have both Windows and OSX workstations accessing unix fileshares like that. We did it more or less along the lines described here: http://techslaves.org/2011/08/24/freeipa-and-samba-3-integration/ If you search the archives of this forum with FreeIPA Samba Lamb you will find some previous threads on this topic. Chris <graycol.gif>Detlev Habicht ---06/16/2016 10:49:49---Hi, first i thought, it is an awkward question, but my smart colleague here also From: Detlev Habicht <[email protected]> To: [email protected] Date: 06/16/2016 10:49 Subject: [Freeipa-users] IPA, Samba and how can a Windows client access it Sent by: [email protected] Hi, first i thought, it is an awkward question, but my smart colleague here also cannot help me, so i try it: I read this and i have installed it: "Howto/Integrating a Samba File Server With IPA" http://www.freeipa.org/page/Howto/Integrating_a_Samba_File_Server_With_IPA This is working as described. But this works only for Linux so far. We are not able to find a configuration, so a single Windows client have access to the Samba Server. Only with his IPA account (username and password)! I don’t want to use something like trusted AD. As i said, for the Windows clients i want only to use an username and password for Samba, using IPA. Well, this is the configuration as described in the docu: [global] workgroup = MY realm = MY.REALM dedicated keytab file = FILE:/etc/samba/samba.keytab kerberos method = dedicated keytab log file = /var/log/samba/log.%m security = ads Any idea what i can do for my wishes? Thank you! Detlev -- Detlev | Institut fuer Mikroelektronische Systeme Habicht | D-30167 Hannover +49 511 76219662 [email protected] --------+-------- Handy +49 172 5415752 --------------------------- -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
