ipa-client-samba: a tool to configure Samba domain member on IPA client
    
    Introduces new utility to configure Samba on an IPA domain member.
    
    The tool sets up Samba configuration and internal databases, creates
    cifs/... Kerberos service and makes sure that a keytab for this service
    contains the key with the same randomly generated password that is set
    in the internal Samba databases.
    
    Samba configuration is created by querying an IPA master about details
    of trust to Active Directory configuration. All known identity ranges
    added to the configuration to allow Samba to properly handle them
    (read-only) via idmap_sss.
    
    Resulting configuration allows connection with both NTLMSSP and Kerberos
    authentication for IPA users. Access controls for the shared content
    should be set by utilizing POSIX ACLs on the file system under a
    specific share.
    
    The utility is packaged as freeipa-client-samba package to allow pulling
    in all required dependencies for Samba and cifs.ko (smb3.ko) kernel
    module. This allows an IPA client to become both an SMB server and an
    SMB client.
    
    Fixes: https://pagure.io/freeipa/issue/3999
    Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
    Reviewed-By: Rob Crittenden <rcritten@redhat.com>
    Reviewed-By: Christian Heimes <cheimes@redhat.com>