Search Results

Search results 1-4 of 4.

This site uses cookies. By continuing to browse this site, you are agreeing to our Cookie Policy.

  • I've gotten FreeIPA/Samba semi-working by adding security = user to the SMB options. This bypasses the kerberos checks and authenticates logins against the local list - which is already synced successfully with FreeIPA. Windows machines can then use an IPA domain user's credentials to access SMB shares. They still can't use their own credentials, so it's not perfect. But it's working, which is important for the WAF. Source Code (4 lines)

  • Yes, priviliges appear to be working too. Sorry - thought I'd included that in the screenshots.

  • They do indeed, and so far everything except CIFS/Samba is working as expected. Samba config so far has been ultimately unsuccessful, with the closest I've gotten being the above mentioned krb5_init_context_failed messages when attempting to authorize a client. In tracing those, I came across several recent threads mentioning that the FreeIPA client port is built against libraries known to be incompatible with Debian's samba, causing them to misinterpret each others requests. I believe this is w…

  • I've been doing some playing around with the FreeIPA side of things, and I think I have some good news and some bad news - The good news is I've successfully gotten an OMV install joined to an IPA domain with an AD trust, and I'm able to ssh in via AD users. So far, all users and groups that appear in FreeIPA show up as expected in the Web UI - although they're not directly editable. The bad news is that Samba/CIFS isn't working - and I don't think it's going to be any time soon. OMV's version o…