From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer To: development@lists.ipfire.org Subject: Re: AW: Samba with compile option --with-winbind Date: Wed, 26 Mar 2014 20:21:03 +0100 Message-ID: <1395861663.19318.53.camel@rice-oxley.tremer.info> In-Reply-To: <005501cf48ee$713e0520$53ba0f60$@lusch.de> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============2871351384499706902==" List-Id: --===============2871351384499706902== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable RESEND: This conversation was accidentally continued off the list. Hello, On Wed, 2014-03-26 at 13:25 +0100, Olaf Albrecht wrote: > Hello Michael, >=20 > but when it is not included in IPFire, first question is, why not and secon= d why there is an option in IPFire to use the Windows authentication when it = doesn=E2=80=99t work? Especially in firms this option is essential. Ok there = is the option to use LDAP. But it can't realise a single sign on. Why is it not included? Because we need to maintain it and there is nobody who wants to do that. This is an Open Source project and only volunteers are working on it. You can figure out the rest... The Windows authentication that comes with the IPFire proxy does work. It only works with older Windows Domains and not with Active Directory. I am sure that this is essential for companies. Until now, no one has come forward to sponsor this feature. > When will this function included in IPFire? We whant to leave IPCop but whe= n IPFire can't authenticat against an Active Directory it is useless for us. I wonder how you do it with IPCop right now, because last time I checked IPCop did not support this feature as well. I think we can both agree that lowering the security level of the domain in order to use long outdated mechanisms is not what you want and I am sure you are not trying to do it. > Last time I wrote to you I offer a documentation when I have a single sign = on with IPFire. But I think that you don't want a working single sign on in I= PFire. I can't follow why this option will not work in IPFire. If you think that accusations help you to work on this topic then go ahead. If you cannot understand it that have a look on how this project is funded and who is working on it. We just cannot work on big things like these just because you are asking for it. Especially not if you are asking so nicely. >=20 > Olaf >=20 > -----Urspr=C3=BCngliche Nachricht----- > Von: Michael Tremer [mailto:michael.tremer(a)ipfire.org]=20 > Gesendet: Mittwoch, 26. M=C3=A4rz 2014 13:00 > An: Olaf Albrecht > Cc: development(a)lists.ipfire.org > Betreff: Re: Samba with compile option --with-winbind >=20 > Hello Olaf, >=20 > compiling Samba with only this option will not do what you expect it to > do. Winbind is already included with the current samba package, but is > not started by default. >=20 > In order to authenticate the samba server against a Windows Active > Directory Domain Controller, a lot more things are needed that are > currently NOT included with IPFire. >=20 > -Michael >=20 > On Wed, 2014-03-26 at 12:04 +0100, Olaf Albrecht wrote: > > Why ist Samba as IPFire package (Pakfire) not compiled with =E2=80=93 > > with-winbind so it can authenticate with Active Directory to reach a > > single sign on/passthrou authentication? > >=20 > > =20 > >=20 > > If it is an error how long does it take to get a new Samba package > > over Pakfire? > >=20 > >=20 > >=20 > >=20 > > Ferdinand Lusch GmbH & > > Co. KG > > Im Brocke 11 > > 33649 Bielefeld > > Tel: +49 (521) 9417 0 > > Fax: +49 (521) 9417 228 > > info(a)lusch.de > > www.lusch.de > > =20 > > =20 > > Zweigwerk Buke: > > Industriestra=C3=9Fe 21 > > 33184 Altenbeken-Buke > > Tel: +49 (5255) 98890 0 > > Fax: +49 (5255) 98890 > > 50 > > =20 > > Kommanditgesellschaft, > > Sitz u. Reg.-Ger. > > Bielefeld HRA 10273 > > Komplement=C3=A4r: LUBRA > > Verwaltungsgesellschaft > > mbH, > > Sitz u. Reg.-Ger. > > Bielefeld HRB 30 488 > > Gesch=C3=A4ftsf=C3=BChrer: > > Katharina Lusch, > > Wolfgang Exner > >=20 > > _______________________________________________ > > Development mailing list > > Development(a)lists.ipfire.org > > http://lists.ipfire.org/mailman/listinfo/development >=20 >=20 > Ferdinand Lusch GmbH & Co. KG > Im Brocke 11 > 33649 Bielefeld > Tel: +49 (521) 9417 0 > Fax: +49 (521) 9417 228 > info(a)lusch.de > www.lusch.de >=20 > Zweigwerk Buke: > Industriestrasse 21 > 33184 Altenbeken-Buke > Tel: +49 (5255) 98890 0 > Fax: +49 (5255) 98890 50 >=20 > Kommanditgesellschaft, Sitz u. Reg.-Ger. Bielefeld HRA 10273 > Komplementaer: LUBRA Verwaltungsgesellschaft mbH, > Sitz u. Reg.-Ger. Bielefeld HRB 30 488 > Geschaeftsfuehrer: Katharina Lusch, Wolfgang Exner >=20 =09 --===============2871351384499706902==--