Why do you not add the fileserver to the IPA DNS domain and only join to
IPA? AD user should be able to access it due to the trust with IPA.
Because the file server is also a file server for Windows users, ie, it's joined to AD domain (and afaik the host domain should be the same as AD in this case), and offer Samba shares to them.