For anyone having the same problem - i now solved it like this: 1. Install FreeIPA in Docker 2. Create a User in FreeIPA 3. Client with SSSD + Kerberos and ipa-client integrated to the Domain -> User can logon to the client as described above 4. Set up Authentik as Docker - Version 10/2024 has Kerberos- Support. This is needed as middleware 5. Make Authentic sync FreeIPA users and Groups with LDAP 6. Konfigure Kerberos SPNEGO in Authentik (NOT using kerberos- sync) 7. Setup Nextcloud to authenticate with Authentik via OIDC Connect (OAuth)
Thats it. You can find all necessary ressources in the docs of those apps. -- _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
