Samba4 and Heimdal Kerberos dependencies

Andrew Bartlett abartlet at
Wed Feb 9 21:02:52 GMT 2005

On Wed, 2005-02-09 at 10:14 +1100, Luke Howard wrote:
> >While GSSAPI is common between many implementations, we also need access
> >to functions added to Heimdal by PADL, for their AD implementation (such
> >as gsskrb5_extract_authz_data_from_sec_context()).  This example allows
> >us, as a server, to extract the PAC from an incoming request, without
> >needing to separately parse the GSSAPI wrapping.
> Also, we contributed a port of the MIT mechanism glue, it is currently
> sitting in a branch pending integration. This allows you to dynamically
> load different security mechanisms.

This is one of the things I look forward to most, and I thank PADL for
contributing.  Alongside the SPNEGO implementation in Heimdal, this
should be a powerful combination.

I do thank PADL for the work they have done on Heimdal - I'm very glad
we can take this 'real work' (rather than just plans or ideas) and use
it, and hope that just as we leverage PADL's work in this area now, that
our contributions back may be likewise leveraged in PADL's products in
future.  (And hopefully contribute an even-more-useful, stronger
kerberos infrastructure to the whole community).

Andrew Bartlett

Andrew Bartlett                      
Authentication Developer, Samba Team 
Student Network Administrator, Hawker College
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :

More information about the samba-technical mailing list