mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-01-28 09:06:44 -06:00
814592cf22
Introduces new utility to configure Samba on an IPA domain member. The tool sets up Samba configuration and internal databases, creates cifs/... Kerberos service and makes sure that a keytab for this service contains the key with the same randomly generated password that is set in the internal Samba databases. Samba configuration is created by querying an IPA master about details of trust to Active Directory configuration. All known identity ranges added to the configuration to allow Samba to properly handle them (read-only) via idmap_sss. Resulting configuration allows connection with both NTLMSSP and Kerberos authentication for IPA users. Access controls for the shared content should be set by utilizing POSIX ACLs on the file system under a specific share. The utility is packaged as freeipa-client-samba package to allow pulling in all required dependencies for Samba and cifs.ko (smb3.ko) kernel module. This allows an IPA client to become both an SMB server and an SMB client. Fixes: https://pagure.io/freeipa/issue/3999 Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com> Reviewed-By: Christian Heimes <cheimes@redhat.com> |
||
|---|---|---|
| .. | ||
| man | ||
| share | ||
| sysconfig | ||
| config.c | ||
| ipa-certupdate.in | ||
| ipa-client-automount.in | ||
| ipa-client-common.c | ||
| ipa-client-common.h | ||
| ipa-client-install.in | ||
| ipa-client-samba.in | ||
| ipa-getkeytab.c | ||
| ipa-join.c | ||
| ipa-rmkeytab.c | ||
| Makefile.am | ||
| version.m4.in | ||