[Freeipa-devel] using freeipa as a samba backend

[William Baker]

I've got an existing FDS running as LDAP backend for Samba.  I maintain 
accounts in that system with the smbldap- tools.  I read somewhere that 
the ipa- tools should create the LM hash for Samba, but I don't seem to 
find that documentation now. I've also followed along enough to know 
that the true Samba integration is really a V2 feature.

Is it possible now to use the ipa-useradd tool in smb.conf?

I suppose the smbldap-tools should continue to work with FreeIPA, though 
I could imagine this might not be "best practice".  Is there a "best 
practice" for using FreeIPA with Samba?  I would really like an approach 
that allowed me to use V1 today and transition to V2 without too much pain.

Sorry if I'm asking an obvious question that I should see in the MAN 
pages.  I can't boot my FreeIPA server right now since FDS can't find 
the DNS server, and the boot process hangs with a message about 
initializing sbus.  I've seen this before when using LDAP as a backend 
user account manager and know how to deal with it, as soon as I figure 
out how to boot a different runlevel in a Xend VM.  But that's not 
really the problem I'm asking about here.  If anyone asks, I can detail 
the problem more clearly for other normal "users" that will have the 
same problem after Fedora 9 is released.

By the way, congrats on getting V1 into Fedora 9.  You'll probably know 
how long it took FDS to get into the Fedora repository.  Everybody 
should be pleased to see FreeIPA progressing so well.

bbaker