[Freeipa-devel] using with samba

Dmitri Pal dpal at redhat.com
Mon Oct 27 21:49:56 UTC 2008 

William,

I think the main challenge on this route is overcoming schema 
differences. This is probably the main issue - mapping attributes in 
Samba 4 and IPA's back end DS.
Other problems include that fact that IPA uses MIT kerberos and Fedora 
DS while Samba is based on Heimdal and OpenLDAP. If you plan to use one 
and the same back end this would have to be sorted out first. If you 
plan to use some kind of synchronization between Samba back end and 
IPA's DS you would need to solve at least mapping problem and then the 
synchronization itself which is usually a big task. May be using some 
kind of the virtual directory solution like Penrose for mapping of two 
structures to each other would be a good starting point.

Thank you
Dmitri

William Baker wrote:
> My question was about both, though vague.  For samba 3.2, the 
> objective would be NT4 domain controller, and for samba 4.0 the 
> objective would be AD domain controller.
>
> I've since narrowed my objective to AD domain controller.  I've been 
> following the mail list, but haven't been able to characterize the 
> magnitude of changes going into 4.0 or its usability.  I was hoping to 
> see another alpha release to use as a starting point.  I think I'm 
> just going to have to dive into the git repository and see what happens.
>
> I haven't done anything on it yet, but I know where to start.  With 
> any luck, I'll start putting the pieces together later this week.
>
> bbaker
>
>> On Tue, 2008-10-07 at 10:08 -0500, William Baker wrote:
>>  
>>> I would like to get FreeIPA working with Samba.  Where would I 
>>> start?  My guess is to review the schema requirements for samba.  
>>> Would 3.2 be a reasonable Samba version to target, or should it be 4.0?
>>>
>>> Somebody must know of some show stoppers, otherwise it would work 
>>> out-of-the-box.
>>>     
>>
>> Are you aiming for an AD domain controller, an NT4 domain controller or
>> a member (file) server?
>>
>> Andrew Bartlett
>>
>>   
>
> _______________________________________________
> Freeipa-devel mailing list
> Freeipa-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-devel

More information about the Freeipa-devel mailing list