Re: [Freeipa-users] Bug in documentation or in CLI tools?

2012-02-23 Thread Martin Kosek
On Wed, 2012-02-22 at 22:07 +0100, Marco Pizzoli wrote: Hi guys, in a previous question about FreeIPA 2.1.90 I submitted to you, I received from Martin the answer to use the command: ipa dnszone-mod my_zone --dynamic-update=TRUE other_parameters I used it and I successfully achieved my

Re: [Freeipa-users] samba IPA

2012-02-23 Thread Steven Jones
Hi, Control samba with IPA, aka IPA controlling say ssh, so hbacl control between a samba user group and a samba host group per samba share. So redhat linux clients to redhat linux samba server (rhel6.2's) I need to automount smb shares for linux users who are in IPA. So far I have kerberos

Re: [Freeipa-users] samba IPA

2012-02-23 Thread Rob Crittenden
Steven Jones wrote: Hi, Control samba with IPA, aka IPA controlling say ssh, so hbacl control between a samba user group and a samba host group per samba share. So redhat linux clients to redhat linux samba server (rhel6.2's) I need to automount smb shares for linux users who are in IPA. So

[Freeipa-users] need info on AD / IPA coexistence

2012-02-23 Thread Brian Cook
I have heard that we currently have problems with IPA and AD existing on the same subnet, possibly only when using AD as DNS servers, possibly even when the realm names are different. I have not been able to find good concrete information or BZ's regarding this. I am looking for clarification

Re: [Freeipa-users] need info on AD / IPA coexistence

2012-02-23 Thread Steven Jones
Hi, Subnet? IP addressing will not matter, it's DNS as the main issue, for me anyway. I can't see IP / subnets matter? So, yes if you have AD as the same realm as IPA then only one will work well from what I can read, IPA has to have its neat auto-discovery/balancing features turned off, or at

Re: [Freeipa-users] samba IPA

2012-02-23 Thread Alexander Bokovoy
On Tue, 21 Feb 2012, Steven Jones wrote: Hi, Any good docs on making samba / smbclient / clients work with ipa? not having much luck with google The stack of protocols that Samba is implementing disassociates authentication and actual connection to the shares. First you authenticate

Re: [Freeipa-users] samba IPA

2012-02-23 Thread Steven Jones
Hi, thanks for the great explanation regards Steven Jones Technical Specialist - Linux RHCE Victoria University, Wellington, NZ 0064 4 463 6272 From: Alexander Bokovoy [aboko...@redhat.com] Sent: Friday, 24 February 2012 11:01 a.m. To: Steven

Re: [Freeipa-users] samba IPA

2012-02-23 Thread Jeremy Agee
On 02/23/2012 05:01 PM, Alexander Bokovoy wrote: On Tue, 21 Feb 2012, Steven Jones wrote: Hi, Any good docs on making samba / smbclient / clients work with ipa? not having much luck with google The stack of protocols that Samba is implementing disassociates authentication and actual

Re: [Freeipa-users] need info on AD / IPA coexistence

2012-02-23 Thread Brian Cook
I would not expect that there would be any problem with AD and IPA coexisting when the realm names are different, but I have heard reports that there are problems, especially when Linux clients are configured to use AD for DNS. Trying to figure out what the problem is. I understand your

Re: [Freeipa-users] need info on AD / IPA coexistence

2012-02-23 Thread Steven Jones
Hi, Well I can give you how I think this works, but I stand to be corrected... So, there is auto-discovery for kerberos going on via DNS, but AD's DNS already has such kerberos for its services, so a Linux client is going to try and do this, but it's going to get AD results and not IPA results,

Re: [Freeipa-users] need info on AD / IPA coexistence

2012-02-23 Thread Steven Jones
I think we are doing the same thing here, seemed to have arrived at the same conclusion! I have the AD DNS servers hand off the sub-domain to the IPA servers, so they are the masters for all things linux/unix, the reverse IP domains on the IPA servers are slaved from the AD DNS however as

Re: [Freeipa-users] need info on AD / IPA coexistence

2012-02-23 Thread Craig T
We use the group.example.com as the primary domain name, even for windows clients. So a typical windows pc has: ip: 192.168.0.100 dns1: linux-dns-server1 dns2: linux-dns-server2 search: group.example.com That way the windows pcs only use their melb.example.com domain for authentication and then

Re: [Freeipa-users] samba IPA

2012-02-23 Thread Alexander Bokovoy
On Thu, 23 Feb 2012, Jeremy Agee wrote: You should also be able to use the filesystem to control access to the smb share. If acl support is on the filesystem, you can use these as well. Samba should have nt acl support = Yes set by default. Yes, this will work -- as long as SSSD or nss_ldap