Thanks for the prompt reply. I tried to just bind Redmine, and failed; so I assumed that it's not possible. Now, with that information, I'm encouraged to try again...
What about Samba? Can you reference me to some relevant Howto/tutorial? 2014-03-26 13:28 GMT+02:00 Petr Spacek <[email protected]>: > On 26.3.2014 10:44, צביקה הרמתי wrote: > >> Hi. >> I have a small network of CentOS6.5 servers, and installed standard IdM >> (==FreeIPA). >> Everything works fine. >> >> Now I want to use IPA for other uses: >> >> 1. >> Use IPA together with Samba. I *don't* have fancy Windows servers, AD, or >> whatever. My network is comprised of a few CentOS servers, and some >> Windows >> 7/8 laptops that connect to it with SSH and VNC. >> I have installed (successfully) Samba, which should be used only for file >> sharing between Linux and Windows. No need for other features. >> However, in order to use Samba I have to define each user for Samba, and >> keep separate passwords. >> >> I'm confident that I missed something, and Samba can be somehow integrate >> with IPA, to use authenticate users against it. >> But I didn't find any solution or HowTo... >> >> 2. >> I'm using Redmine (issue tracking tool), that can authenticate against >> LDPA >> server (http://www.redmine.org/projects/redmine/wiki/RedmineLDAP). >> Can I use IPA for this? >> > Sure :-) We don't have how-to specifically for Redmine, you need to map > information from Redmine how-to to: > http://www.freeipa.org/page/HowTo/LDAP > > Feel free to create Redmine page here: > http://www.freeipa.org/page/HowTos > (Your Fedora account should just work.) > > > It seems that in order to use IPA's LDAP database, the client must first >> gain access from Kerberos. >> > No, you can use plain LDAP as usual as long as you don't want to use > single sign-on. > > > I have no experience with Kerberos, but it seems that Redmine doesn't >> support it. >> Any ideas for solution? >> > Configure Redmine with LDAP backend as usual. > > > 3. >> (related to the previous question-) >> Can I somehow disable the Kerberos component of IPA, using only the easy >> LDAP solution, allowing it easier integration with other tools? >> > You can't "disable it" but you are not forced to use Kerberos if you don't > want to do so. Plain LDAP bind should work for you. > > (Please note that Kerberos offers single sign-on and it is believed to > provide better security so it is worth spending time on it.) > > -- > Petr^2 Spacek > > _______________________________________________ > Freeipa-users mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/freeipa-users
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
