Guys, What would it take to get FreeIPA supported again? I work with a lot RHEL boxes and a few Debian boxes. IPA great, because I can tie into a AD Domain and use the same accounts account all box. Yes, I could pay for Beyond Trust or Centrify. I could use Winbind. So far SSSD seems to work the best. -- Terror PUP a.k.a Chuck "PUP" Payne ----------------------------------------- Discover it! Enjoy it! Share it! openSUSE Linux. ----------------------------------------- openSUSE -- Terrorpup openSUSE Ambassador/openSUSE Member skype,twiiter,identica,friendfeed -- terrorpup freenode(irc) --terrorpup/lupinstein Register Linux Userid: 155363 openSUSE Community Member since 2008.
You can use SSSD with AD on openSUSE, and it is supported. What exactly are you looking for? On 9/19/21 9:02 AM, Chuck Payne wrote:
Guys,
What would it take to get FreeIPA supported again? I work with a lot RHEL boxes and a few Debian boxes. IPA great, because I can tie into a AD Domain and use the same accounts account all box.
Yes, I could pay for Beyond Trust or Centrify. I could use Winbind. So far SSSD seems to work the best.
-- Terror PUP a.k.a Chuck "PUP" Payne ----------------------------------------- Discover it! Enjoy it! Share it! openSUSE Linux. ----------------------------------------- openSUSE -- Terrorpup openSUSE Ambassador/openSUSE Member skype,twiiter,identica,friendfeed -- terrorpup freenode(irc) --terrorpup/lupinstein Register Linux Userid: 155363 openSUSE Community Member since 2008.
-- *David Mulder* Labs Software Engineer, Samba SUSE 1800 Novell Place Provo, UT 84606 (P)+1 801.861.6571 dmulder@suse.com <http://www.suse.com/>
FreeIPA. Not a one off. Right now I know that ipa doesn't work with Samba 4.8. This is causing me pain because now I have several one offs, because I have to use Winbind/SSSD to use Samba. I currently manage 300+ boxes, with IDM ( FreeIPA ). I like to get SuSE into the mix, but unless it works with IPA, we are going to have to use Debian. I have ready no *buntu ( I don't care what anyone says, LTS isn't Enterprise ), because I need stable. Once I have everything, service accounts, user accounts, and other things working. It's very nice and easy to manage. On Mon, Sep 20, 2021 at 9:44 AM David Mulder <dmulder@suse.com> wrote:
You can use SSSD with AD on openSUSE, and it is supported. What exactly are you looking for?
On 9/19/21 9:02 AM, Chuck Payne wrote:
Guys,
What would it take to get FreeIPA supported again? I work with a lot RHEL boxes and a few Debian boxes. IPA great, because I can tie into a AD Domain and use the same accounts account all box.
Yes, I could pay for Beyond Trust or Centrify. I could use Winbind. So far SSSD seems to work the best.
-- Terror PUP a.k.a Chuck "PUP" Payne ----------------------------------------- Discover it! Enjoy it! Share it! openSUSE Linux. ----------------------------------------- openSUSE -- Terrorpup openSUSE Ambassador/openSUSE Member skype,twiiter,identica,friendfeed -- terrorpup freenode(irc) --terrorpup/lupinstein Register Linux Userid: 155363
openSUSE Community Member since 2008.
-- *David Mulder* Labs Software Engineer, Samba SUSE 1800 Novell Place Provo, UT 84606 (P)+1 801.861.6571 dmulder@suse.com <http://www.suse.com/>
-- Terror PUP a.k.a Chuck "PUP" Payne ----------------------------------------- Discover it! Enjoy it! Share it! openSUSE Linux. ----------------------------------------- openSUSE -- Terrorpup openSUSE Ambassador/openSUSE Member skype,twiiter,identica,friendfeed -- terrorpup freenode(irc) --terrorpup/lupinstein Register Linux Userid: 155363 openSUSE Community Member since 2008.
Hi, One thing we that do not use FreeIPA struggle is what set of packages you need for this kind of thing, lets see client side usage. If we know we can see if we can add them Ciao, Marcus On Mon, Sep 20, 2021 at 10:08:23AM -0400, Chuck Payne wrote:
FreeIPA. Not a one off.
Right now I know that ipa doesn't work with Samba 4.8. This is causing me pain because now I have several one offs, because I have to use Winbind/SSSD to use Samba.
I currently manage 300+ boxes, with IDM ( FreeIPA ). I like to get SuSE into the mix, but unless it works with IPA, we are going to have to use Debian. I have ready no *buntu ( I don't care what anyone says, LTS isn't Enterprise ), because I need stable.
Once I have everything, service accounts, user accounts, and other things working. It's very nice and easy to manage.
On Mon, Sep 20, 2021 at 9:44 AM David Mulder <dmulder@suse.com> wrote:
You can use SSSD with AD on openSUSE, and it is supported. What exactly are you looking for?
On 9/19/21 9:02 AM, Chuck Payne wrote:
Guys,
What would it take to get FreeIPA supported again? I work with a lot RHEL boxes and a few Debian boxes. IPA great, because I can tie into a AD Domain and use the same accounts account all box.
Yes, I could pay for Beyond Trust or Centrify. I could use Winbind. So far SSSD seems to work the best.
-- Terror PUP a.k.a Chuck "PUP" Payne ----------------------------------------- Discover it! Enjoy it! Share it! openSUSE Linux. ----------------------------------------- openSUSE -- Terrorpup openSUSE Ambassador/openSUSE Member skype,twiiter,identica,friendfeed -- terrorpup freenode(irc) --terrorpup/lupinstein Register Linux Userid: 155363
openSUSE Community Member since 2008.
-- *David Mulder* Labs Software Engineer, Samba SUSE 1800 Novell Place Provo, UT 84606 (P)+1 801.861.6571 dmulder@suse.com <http://www.suse.com/>
-- Terror PUP a.k.a Chuck "PUP" Payne ----------------------------------------- Discover it! Enjoy it! Share it! openSUSE Linux. ----------------------------------------- openSUSE -- Terrorpup openSUSE Ambassador/openSUSE Member skype,twiiter,identica,friendfeed -- terrorpup freenode(irc) --terrorpup/lupinstein Register Linux Userid: 155363
openSUSE Community Member since 2008.
I mentioned AD because you said something about using AD. If you're using a FreeIPA IDM server, you should be able to join your openSUSE/SLE box using SSSD (same as you would a Debian box). openSUSE has realmd. On 9/20/21 8:08 AM, Chuck Payne wrote:
FreeIPA. Not a one off.
Right now I know that ipa doesn't work with Samba 4.8. This is causing me pain because now I have several one offs, because I have to use Winbind/SSSD to use Samba.
I currently manage 300+ boxes, with IDM ( FreeIPA ). I like to get SuSE into the mix, but unless it works with IPA, we are going to have to use Debian. I have ready no *buntu ( I don't care what anyone says, LTS isn't Enterprise ), because I need stable.
Once I have everything, service accounts, user accounts, and other things working. It's very nice and easy to manage.
On Mon, Sep 20, 2021 at 9:44 AM David Mulder <dmulder@suse.com <mailto:dmulder@suse.com>> wrote:
You can use SSSD with AD on openSUSE, and it is supported. What exactly are you looking for?
On 9/19/21 9:02 AM, Chuck Payne wrote: > Guys, > > What would it take to get FreeIPA supported again? I work with a lot > RHEL boxes and a few Debian boxes. IPA great, because I can tie into a > AD Domain and use the same accounts account all box. > > Yes, I could pay for Beyond Trust or Centrify. I could use Winbind. So > far SSSD seems to work the best. > > -- > Terror PUP a.k.a > Chuck "PUP" Payne > ----------------------------------------- > Discover it! Enjoy it! Share it! openSUSE Linux. > ----------------------------------------- > openSUSE -- Terrorpup > openSUSE Ambassador/openSUSE Member > skype,twiiter,identica,friendfeed -- terrorpup > freenode(irc) --terrorpup/lupinstein > Register Linux Userid: 155363 > > openSUSE Community Member since 2008.
-- *David Mulder* Labs Software Engineer, Samba SUSE 1800 Novell Place Provo, UT 84606 (P)+1 801.861.6571 dmulder@suse.com <mailto:dmulder@suse.com> <http://www.suse.com/ <http://www.suse.com/>>
-- Terror PUP a.k.a Chuck "PUP" Payne ----------------------------------------- Discover it! Enjoy it! Share it! openSUSE Linux. ----------------------------------------- openSUSE -- Terrorpup openSUSE Ambassador/openSUSE Member skype,twiiter,identica,friendfeed -- terrorpup freenode(irc) --terrorpup/lupinstein Register Linux Userid: 155363 openSUSE Community Member since 2008.
-- *David Mulder* Labs Software Engineer, Samba SUSE 1800 Novell Place Provo, UT 84606 (P)+1 801.861.6571 dmulder@suse.com <http://www.suse.com/>
We took this discussion off-list, but Chuck is looking for freeipa-client. I've compiled the latest version here: https://build.opensuse.org/package/show/home:dmulder:branches:security:idm/f... -- *David Mulder* Labs Software Engineer, Samba SUSE 1800 Novell Place Provo, UT 84606 (P)+1 801.861.6571 dmulder@suse.com <http://www.suse.com/>
participants (3)
-
Chuck Payne -
David Mulder -
Marcus Meissner