Jump to: navigation, search

Obsolete:IPAv3 Architecture

Obsolete Documentation

Please note that this content was marked as obsolete. We left the content here for study and archaeological purposes.

Please check our Documentation for a recent list of topics.


This page describes how IPA and Samba will be integrated.



MIT KDC will be used to provide a Kerberos service for both IPA and Samba clients. The KDC will use the IPA and Samba data that has been merged into the IPA DIT through synchronization.


IPA will use the DS to provide an LDAP service to its clients. Samba will provide an LDAP service to its clients through a virtual LDAP server running inside Samba. The actual Samba data will be stored in the same DS instance as IPA.

Synchronization Tool

A synchronization tool will be used to synchronize IPA and Samba backends. It will monitor/intercept changes happening in IPA/Samba DIT, transform the changes, and apply the changes in the other DIT.