Hi Dimitri & Jakub,
Yes for us it is use case. Non-domain logins / NTLMSSP support in SSSD
is the final component we seem to need to allow Windows clients from a
non-trusted AD domain to access Samba shares using a username and
password combination, without having to use Kerberos.
IPA and SSSD is
On 05/12/2015 07:03 AM, Dylan Evans wrote:
Hi Jakub,
It's good to know it's going to happen, let's hope it gets into 1.13
and everyone has a very productive summer!
I've been watching IPA for a couple of years and this is the last
thing that's preventing it from being implemented in our product
Hi all,
Thank you very much for all your feedback.
John, I've already tried your setup and it works nicely ... but I still
need to split services among VMs, so no chance anyway.
And I agree with you: it's a must-have feature. As Dylan, it's the last
thing that keeps me from moving it to producti
Hi Jakub,
It's good to know it's going to happen, let's hope it gets into 1.13
and everyone has a very productive summer!
I've been watching IPA for a couple of years and this is the last
thing that's preventing it from being implemented in our production
environment.
Thanks,
Dylan.
On 11 May
I have about the same setup:
This is the setup (everything is up-to-date):
- ipa-server: F21, ipa-server 4.1, samba 4.1
- win-client: Windows 7 Home Premium
I tried to enroll the win-client in the domain but failed on the windows
side due to home editions not being able to join a domain.
But I ca
On Thu, May 07, 2015 at 03:30:06PM +0100, Dylan Evans wrote:
> By coincidence I posted a very similar question yesterday -
> https://www.redhat.com/archives/freeipa-users/2015-May/msg00103.html.
>
> +1 for the necessary support for out-of-domain Windows clients and NTLMSSP.
>
> Is there a time-ta
Hello Chris,
And thank you too for your answers!
>Our end users use a mix of Windows and OSX laptops / workstations.
These
>are not members of any kind of domain. They access our file servers via
>Samba shares authenticated by freeIPA.
>The samba server is a freeIPA client.
>T
Hi Alexander,
Thank you very much for all that precious information.
>SSSD can but you need Samba to be aware of these things because Samba
>needs way more than just passwords. FreeIPA uses different LDAP schema
>for the additional attributes compared to what standard Samba PASSDB
>
Hello Alexander,
Thank you very much for your answers!
> If Windows client is not a part of the domain, there is no SSO and no
> Kerberos. Windows client will attempt using NTLMSSP authentication.
> ...
> Right now -- yes. You are saying you've following "FreeIPA's Samba
> integration guide" whic
By coincidence I posted a very similar question yesterday -
https://www.redhat.com/archives/freeipa-users/2015-May/msg00103.html.
+1 for the necessary support for out-of-domain Windows clients and NTLMSSP.
Is there a time-table for this?
Thanks,
Dylan.
On 7 May 2015 at 08:48, Alexander Bokovoy
On Thu, 07 May 2015, box 31978 wrote:
Hello Alexander,
Thank you very much for your answers!
If Windows client is not a part of the domain, there is no SSO and no
Kerberos. Windows client will attempt using NTLMSSP authentication.
...
Right now -- yes. You are saying you've following "FreeIPA'
Hi
Yes, it's possible to operate freeIPA and Samba as you suggest, we have
been doing so for some years now (with several freeIPA and Samba versions).
Our end users use a mix of Windows and OSX laptops / workstations. These
are not members of any kind of domain. They access our file servers via
S
On Wed, 06 May 2015, box 31978 wrote:
Hello everyone,
These days I'm testing integration between FreeIPA4 and Samba4 at file
sharing level. Everything seems to work fine except share access from a
standalone Windows client.
This is the setup (everything is up-to-date):
- ipa-server: CentOS 7.1,
On 05/06/2015 05:11 PM, box 31978 wrote:
Hello everyone,
These days I'm testing integration between FreeIPA4 and Samba4 at file
sharing level. Everything seems to work fine except share access from
a standalone Windows client.
This is the setup (everything is up-to-date):
- ipa-server: CentO
14 matches
Mail list logo