2013/9/11 Dmitri Pal <[email protected]> > On 09/11/2013 04:02 PM, Christovam Paynes Silva wrote: > > It is a pity! > Thank you! > > > > > I did not get a feeling that we understand the whole picture correctly to > say that we provided the full answer.. > > What I get from the description: > 1) Presence of Windows Clients = 100 >
Correct! > 2) Presence of AD to rule them > Correct! 3) Presence of users (I deduce in AD too, but unclear) = 1000 > Correct! Users are wirelessly. Use windows and linux without domain. > Intent: use open source technologies instead of proprietary solution. > That's right! > > What is not clear: > a) Are the users that come through the portal the same users that use > Windows Clients or not? Is there an overlap? > Users are via wireless. Authenticate users on a "captive portal" with Squid. Customers are windows, linux and without domain. > b) Is there any kind of Linux servers/machines in the picture? > This question was not clear to me. > > If you do not have Linux systems and all users can be stored in one place > it might be that you do not need FreeIPA. It might be that you can solve > the problem by using Samba4 instead of AD, connecting your clients to it, > putting your external portal users into a special OU in Samba4, configuring > FreeRADIUS to use this OU for authentication. Configure your portal to use > RADIUS. > Sorry, I may not have understood the concept of FreeIPA. I would like to continue using the AD, because of Group Policy Objects (GPO). It has the ability to authenticate email services, applications, among others directly in Samba4? > > HTH > > Thanks > Dmitri > > > > > > 2013/9/11 Simo Sorce <[email protected]> > >> On Wed, 2013-09-11 at 16:37 -0300, Christovam Paynes Silva wrote: >> > Hello Simo, thanks for the feedback. >> > I would use the Samba4 with AD and authenticate my clients windows in >> > FreeIPA. >> > Is this possible? >> >> It is not possible at this point to combine Samba4 AD and freeIPA. >> >> Simo. >> > >> > 2013/9/11 Simo Sorce <[email protected]> >> > On Wed, 2013-09-11 at 14:06 -0300, Christovam Paynes Silva >> > wrote: >> > > Hello! >> > > >> > > >> > > First I apologize if this topic is redundant. >> > > >> > > >> > > I'm looking on the implementation of FreeIPA . Looking for >> > the >> > > forums , have some comments that authentication does not >> > work with >> > > Samba4 . Elsewhere say that that possibility exists . Today >> > we have >> > > nearly 200 computers in the domain with the "Active >> > Directory" and one >> > > wireless "captive portal" with 1000 + proxy users . >> > > >> > > I would like to see if the following scenario is possible : >> > > 1 - Integrating Samba4 with "Active Directory" , to use >> > their GPO and >> > > authenticate network users through the FreeIPA . >> > > 2 - Authenticate proxy servers in FreeIPA . >> > > 3 - And if it is possible some integration with FreeRADIUS >> > > >> > >> > >> > Hi Christovam, it is a bit unclear what you mean by >> > integrating here. >> > >> > Is your intent to use Samba4 as an AD domain controller for >> > your Windows >> > client s and IPA for your servers ? >> > >> > If that's the case unfortunately this is not possible at the >> > moment as >> > samba4 does not yet support Forest level trusts. >> > A Microsoft AD server can be used this way instead. >> > >> > Simo. >> > >> > -- >> > Simo Sorce * Red Hat, Inc * New York >> > >> > >> > >> >> >> -- >> Simo Sorce * Red Hat, Inc * New York >> >> > > > _______________________________________________ > Freeipa-users mailing > [email protected]https://www.redhat.com/mailman/listinfo/freeipa-users > > > > -- > Thank you, > Dmitri Pal > > Sr. Engineering Manager for IdM portfolio > Red Hat Inc. > > > ------------------------------- > Looking to carve out IT costs?www.redhat.com/carveoutcosts/ > >
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
