[Freeipa-users] Fwd: Windows, Samba and IPA
Dmitri Pal
dpal at redhat.com
Fri Sep 20 16:02:22 UTC 2013
On 09/20/2013 07:33 AM, Fred van Zwieten wrote:
> Hi,
>
> I wonder if it is possible to have Windows clients (member of some
> domain) to connect to SAMBA shares with an IPA account. I found
> various howto's voor Kerberized SAMBA but they al use Linux as the
> client platform. I have tried to set it up using a Red Hat Solution
> article, but I did not get it to work.
>
> Is it possible without using trust or synchronization between AD and
> IPA? If yes, how?
>
> Fred
>
>
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
So the setup is:
AD and IPA not in trust or sync
There is an IPA user logging into Windows client in AD domain and trying
to access Samba share in which domain? I mean is Samba a member server
in AD domain or IPA?
Anyways it would not work.
What should work is:
* User from AD accessing a samba share in AD domain (this is the setup
in the documentation that you refer to).
* User from IPA accessing samba share in IPA domain using Linux client
(I think that has been possible in the past)
Other scenarios would not work yet AFAIU because:
1) IPA does not provide global catalog yet
2) Samba FS and IPA integration as a member server in trust setup is not
ready to serve users from a trusted domains. There is some work to be
done there.
Both are on the roadmap but not available right now.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager for IdM portfolio
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20130920/5dbf6091/attachment.htm>
More information about the Freeipa-users
mailing list