From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: AW: Samba with compile option --with-winbind
Date: Wed, 26 Mar 2014 20:21:03 +0100 [thread overview]
Message-ID: <1395861663.19318.53.camel@rice-oxley.tremer.info> (raw)
In-Reply-To: <005501cf48ee$713e0520$53ba0f60$@lusch.de>
[-- Attachment #1: Type: text/plain, Size: 4252 bytes --]
RESEND: This conversation was accidentally continued off the list.
Hello,
On Wed, 2014-03-26 at 13:25 +0100, Olaf Albrecht wrote:
> Hello Michael,
>
> but when it is not included in IPFire, first question is, why not and second why there is an option in IPFire to use the Windows authentication when it doesn’t work? Especially in firms this option is essential. Ok there is the option to use LDAP. But it can't realise a single sign on.
Why is it not included? Because we need to maintain it and there is
nobody who wants to do that. This is an Open Source project and only
volunteers are working on it. You can figure out the rest...
The Windows authentication that comes with the IPFire proxy does work.
It only works with older Windows Domains and not with Active Directory.
I am sure that this is essential for companies. Until now, no one has
come forward to sponsor this feature.
> When will this function included in IPFire? We whant to leave IPCop but when IPFire can't authenticat against an Active Directory it is useless for us.
I wonder how you do it with IPCop right now, because last time I checked
IPCop did not support this feature as well. I think we can both agree
that lowering the security level of the domain in order to use long
outdated mechanisms is not what you want and I am sure you are not
trying to do it.
> Last time I wrote to you I offer a documentation when I have a single sign on with IPFire. But I think that you don't want a working single sign on in IPFire. I can't follow why this option will not work in IPFire.
If you think that accusations help you to work on this topic then go
ahead. If you cannot understand it that have a look on how this project
is funded and who is working on it.
We just cannot work on big things like these just because you are asking
for it. Especially not if you are asking so nicely.
>
> Olaf
>
> -----Ursprüngliche Nachricht-----
> Von: Michael Tremer [mailto:michael.tremer(a)ipfire.org]
> Gesendet: Mittwoch, 26. März 2014 13:00
> An: Olaf Albrecht
> Cc: development(a)lists.ipfire.org
> Betreff: Re: Samba with compile option --with-winbind
>
> Hello Olaf,
>
> compiling Samba with only this option will not do what you expect it to
> do. Winbind is already included with the current samba package, but is
> not started by default.
>
> In order to authenticate the samba server against a Windows Active
> Directory Domain Controller, a lot more things are needed that are
> currently NOT included with IPFire.
>
> -Michael
>
> On Wed, 2014-03-26 at 12:04 +0100, Olaf Albrecht wrote:
> > Why ist Samba as IPFire package (Pakfire) not compiled with –
> > with-winbind so it can authenticate with Active Directory to reach a
> > single sign on/passthrou authentication?
> >
> >
> >
> > If it is an error how long does it take to get a new Samba package
> > over Pakfire?
> >
> >
> >
> >
> > Ferdinand Lusch GmbH &
> > Co. KG
> > Im Brocke 11
> > 33649 Bielefeld
> > Tel: +49 (521) 9417 0
> > Fax: +49 (521) 9417 228
> > info(a)lusch.de
> > www.lusch.de
> >
> >
> > Zweigwerk Buke:
> > Industriestraße 21
> > 33184 Altenbeken-Buke
> > Tel: +49 (5255) 98890 0
> > Fax: +49 (5255) 98890
> > 50
> >
> > Kommanditgesellschaft,
> > Sitz u. Reg.-Ger.
> > Bielefeld HRA 10273
> > Komplementär: LUBRA
> > Verwaltungsgesellschaft
> > mbH,
> > Sitz u. Reg.-Ger.
> > Bielefeld HRB 30 488
> > Geschäftsführer:
> > Katharina Lusch,
> > Wolfgang Exner
> >
> > _______________________________________________
> > Development mailing list
> > Development(a)lists.ipfire.org
> > http://lists.ipfire.org/mailman/listinfo/development
>
>
> Ferdinand Lusch GmbH & Co. KG
> Im Brocke 11
> 33649 Bielefeld
> Tel: +49 (521) 9417 0
> Fax: +49 (521) 9417 228
> info(a)lusch.de
> www.lusch.de
>
> Zweigwerk Buke:
> Industriestrasse 21
> 33184 Altenbeken-Buke
> Tel: +49 (5255) 98890 0
> Fax: +49 (5255) 98890 50
>
> Kommanditgesellschaft, Sitz u. Reg.-Ger. Bielefeld HRA 10273
> Komplementaer: LUBRA Verwaltungsgesellschaft mbH,
> Sitz u. Reg.-Ger. Bielefeld HRB 30 488
> Geschaeftsfuehrer: Katharina Lusch, Wolfgang Exner
>
parent reply other threads:[~2014-03-26 19:21 UTC|newest]
Thread overview: expand[flat|nested] mbox.gz Atom feed
[parent not found: <005501cf48ee$713e0520$53ba0f60$@lusch.de>]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1395861663.19318.53.camel@rice-oxley.tremer.info \
--to=michael.tremer@ipfire.org \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox