On Thu, 16 Aug 2012, Dimitris Tsompanidis wrote:
On 16/08/2012 14:34, Alexander Bokovoy wrote:
On Thu, 16 Aug 2012, Dimitris Tsompanidis wrote:
Hi all,
I'm looking into setting up a Samba file server with FreeIPA as
the password backend. I don't need fancy stuff, just plain LDAP
password authentication.
http://techslaves.org/2011/08/24/freeipa-and-samba-3-integration/
(my first thought was using PAM as the LDAP frontend but
apparently this does not work for Samba...)
All the tutorials I've looked into mention the need to update the
LDAP schema in FreeIPA as a part of the procedure. I'm not really
keen on doing this, at least not in my production FreeIPA
cluster, so I thought of setting up a test FreeIPA installation
that would only replicate data from the FreeIPA "master" but not
the either way around.
My problem is that I can't find any way of doing this except by
creating the replica and then deleting the test replica from the
FreeIPA topology - basically creating a non-updating stand-alone
copy of my production servers.
Is there a way to force a one-way replication?
(I'd also be grateful for any mentions of less painful ways of
connecting samba to freeipa :))
For IPA v2.x the link above explains fairly easy setup.
I am already aware of this guide - that's me in the second comment
asking more or less the same thing :)
:)
Since that guide involves patching the code, the changed packages will
need to get to other replicas as well.
However, as configuration changes are added to the tree that is replicated
by default, I think everything what's affected will be replicated.
--
/ Alexander Bokovoy
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users