Re: [Freeipa-users] freeipa and NAS
I'd suggest taking a look at gluster as well... http://www.gluster.org/ "Welcome to the Gluster community, the source for all resources about downloading, installing, and running Gluster Storage. GlusterFS is an open source scale-out NAS solution. The software is a powerful and flexible solution that simplifies the task of managing unstructured file data whether you have a few terabytes of storage or multiple petabytes. " There are RHEL rpms regards From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on behalf of Natxo Asenjo [natxo.ase...@gmail.com] Sent: Wednesday, 29 June 2011 6:14 a.m. To: freeipa-users@redhat.com Subject: Re: [Freeipa-users] freeipa and NAS On Tue, Jun 28, 2011 at 6:35 PM, Sigbjorn Lie wrote: > In my NexentaStor configuration, the NFS service is using FreeIPA > (nss_ldap+krb5), and the CIFS > service is using Active Directory (nss_ad) for user authentication. that is awesome! Could you write an instruction of how you did that? Next month a big server with plenty of disks will be decommissioned and I want to take a look at nexentastor, and kerberos would be a big plus. -- Thanks, Natxo ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] freeipa and NAS
Hi, There is also openfiler which is linux underneath but the one that is drawing my attention right now is glusterwhich can be installed on RHELso I assume would use freeipa underneath "easily" The idea behind gluster is its a global file systemso its got some very interesting tech for resiliency. I have not tried gluster with IPA yet as Im waiting on access to the AD and replication channel and confirmation it will be sold in AP before I spend more time on IPA. Ive used Openfiler and Freenas for iscsi and Freenas I didnt find very stable...Openfiler on the other hand seemed bomb proofI hammered it for 6 months and it never missed a beat...Freenas used to fall over every week... regards From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on behalf of Sigbjorn Lie [sigbj...@nixtra.com] Sent: Wednesday, 29 June 2011 4:35 a.m. To: d...@redhat.com Cc: freeipa-users@redhat.com Subject: Re: [Freeipa-users] freeipa and NAS Hi, You could consider using NexentaStor which is also using ZFS, providing a feature rich GUI and CLI for NAS management. I've successfully used FreeIPA 2 with NexentaStor for CIFS, NFS3 and NFS4 + Kerberos 5, having Linux clients connecting to kerberized NFS4 shares, and Windows clients connecting to the CIFS service. I assume anything that supports LDAP will be usable with IPA, at least for user lookup. In my NexentaStor configuration, the NFS service is using FreeIPA (nss_ldap+krb5), and the CIFS service is using Active Directory (nss_ad) for user authentication. Rgds, Siggi On Tue, June 28, 2011 17:59, Dmitri Pal wrote: > On 06/28/2011 06:34 AM, Joachim Badzong wrote: > >> Hi, >> >> >> has anybody real experience to bind an QNAP NAS or an freenas box to an >> freeipa server ? First of >> all it would of course best to get the original QNAP bound to freeipa. I >> assume that would have >> to done by AD. Alternative would be to install freenas and get that bound to >> freeipa. >> By LDAP ? Or by AD ? >> >> >> Thanks for any good hints. >> J. >> >> >> ___ >> Freeipa-users mailing list >> Freeipa-users@redhat.com >> https://www.redhat.com/mailman/listinfo/freeipa-users >> > > I did a quick search on the freenas web site. I do not find any mention > of Kerberos. That makes me think that it can't be configured to use Kerberos. > > > The LDAP config instructions are here: http://doc.freenas.org/index.php/LDAP > IPA users are in the "cn=users, cn=accounts, " > > > -- > Thank you, > Dmitri Pal > > > Sr. Engineering Manager IPA project, > Red Hat Inc. > > > > --- > Looking to carve out IT costs? > www.redhat.com/carveoutcosts/ > > > > ___ > Freeipa-users mailing list > Freeipa-users@redhat.com > https://www.redhat.com/mailman/listinfo/freeipa-users > > ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] freeipa and NAS
On Tue, Jun 28, 2011 at 6:35 PM, Sigbjorn Lie wrote: > In my NexentaStor configuration, the NFS service is using FreeIPA > (nss_ldap+krb5), and the CIFS > service is using Active Directory (nss_ad) for user authentication. that is awesome! Could you write an instruction of how you did that? Next month a big server with plenty of disks will be decommissioned and I want to take a look at nexentastor, and kerberos would be a big plus. -- Thanks, Natxo ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] freeipa and NAS
Hi, You could consider using NexentaStor which is also using ZFS, providing a feature rich GUI and CLI for NAS management. I've successfully used FreeIPA 2 with NexentaStor for CIFS, NFS3 and NFS4 + Kerberos 5, having Linux clients connecting to kerberized NFS4 shares, and Windows clients connecting to the CIFS service. I assume anything that supports LDAP will be usable with IPA, at least for user lookup. In my NexentaStor configuration, the NFS service is using FreeIPA (nss_ldap+krb5), and the CIFS service is using Active Directory (nss_ad) for user authentication. Rgds, Siggi On Tue, June 28, 2011 17:59, Dmitri Pal wrote: > On 06/28/2011 06:34 AM, Joachim Badzong wrote: > >> Hi, >> >> >> has anybody real experience to bind an QNAP NAS or an freenas box to an >> freeipa server ? First of >> all it would of course best to get the original QNAP bound to freeipa. I >> assume that would have >> to done by AD. Alternative would be to install freenas and get that bound to >> freeipa. >> By LDAP ? Or by AD ? >> >> >> Thanks for any good hints. >> J. >> >> >> ___ >> Freeipa-users mailing list >> Freeipa-users@redhat.com >> https://www.redhat.com/mailman/listinfo/freeipa-users >> > > I did a quick search on the freenas web site. I do not find any mention > of Kerberos. That makes me think that it can't be configured to use Kerberos. > > > The LDAP config instructions are here: http://doc.freenas.org/index.php/LDAP > IPA users are in the "cn=users, cn=accounts, " > > > -- > Thank you, > Dmitri Pal > > > Sr. Engineering Manager IPA project, > Red Hat Inc. > > > > --- > Looking to carve out IT costs? > www.redhat.com/carveoutcosts/ > > > > ___ > Freeipa-users mailing list > Freeipa-users@redhat.com > https://www.redhat.com/mailman/listinfo/freeipa-users > > ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] freeipa and NAS
On 06/28/2011 06:34 AM, Joachim Badzong wrote: > Hi, > > has anybody real experience to bind an QNAP NAS or an freenas box to an > freeipa server ? > First of all it would of course best to get the original QNAP bound to > freeipa. I assume that would have to done by AD. > Alternative would be to install freenas and get that bound to freeipa. > By LDAP ? Or by AD ? > > Thanks for any good hints. > J. > > ___ > Freeipa-users mailing list > Freeipa-users@redhat.com > https://www.redhat.com/mailman/listinfo/freeipa-users I did a quick search on the freenas web site. I do not find any mention of Kerberos. That makes me think that it can't be configured to use Kerberos. The LDAP config instructions are here: http://doc.freenas.org/index.php/LDAP IPA users are in the "cn=users, cn=accounts, " -- Thank you, Dmitri Pal Sr. Engineering Manager IPA project, Red Hat Inc. --- Looking to carve out IT costs? www.redhat.com/carveoutcosts/ ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
[Freeipa-users] freeipa and NAS
Hi, has anybody real experience to bind an QNAP NAS or an freenas box to an freeipa server ? First of all it would of course best to get the original QNAP bound to freeipa. I assume that would have to done by AD. Alternative would be to install freenas and get that bound to freeipa. By LDAP ? Or by AD ? Thanks for any good hints. J. ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users