Certificate Auto Enrollment allows devices to enroll for certificates from Active Directory Certificate Services. As of Samba 4.16, Linux clients can now auto enroll for certificates just like a Windows client.
Samba’s Certificate Auto Enrollment uses the certmonger service to keep track of certificates. It also uses the cepces plugin to certmonger. The sscep command is also used to download the trust chain.
Certificate Auto Enrollment is compatible with both Winbind and SSSD.
I’ve created an appimage here for the various admin tools modules I’ve been working on. I wrote a previous blog article about this, but I lost some history when I borked my wordpress database and didn’t have a backup.
YaST has had python bindings for about 10 years, but there has been no maintainer for the last 4 years, and they’ve slowly gone kaput.
That has changed. Python+YaST is back. The syntax is (or should be) backwards compatible with <= 3.x of the yast-python-bindings, but you can now write python yast via code very similar to the ruby code.
There are also lots of examples now (thanks to noelp and his hackweek project).
My new favorite corporate email solution is davmail + geary + california in gnome-shell.
Geary is still a little buggy (version 0.8.3), but I love how light weight it is, while still doing (most of) what I need it to. It really needs html signature support, but that’s the only thing missing that I really use.
Davmail appears to be very stable. I run it in server mode on startup with an init script.
Now all I need is a decent calendar solution. The new gnome app California appears to be the best bet. It’s very buggy in version 0.2. My biggest issue is that overlapping events aren’t handled well. I’m hoping they’ve got that worked out in 0.4.
It feels more fluid using native gnome-shell apps for my corporate email and calendar. Thanks Yorba and davmail!