KDC built in or out of smbd

Volker Lendecke Volker.Lendecke at SerNet.DE
Wed Nov 30 09:09:30 GMT 2005


On Wed, Nov 30, 2005 at 09:56:29AM +0100, Marc Balmer wrote:
> Having the LDAP server, KDC, RPC services, and fileserver on the same
> host mandatory would be a major drawback.  At least for the LDAP and
> KDC it should be possible to run them on different machines.

Sorry to be so direct, but Windows clients expect those services to be
available under the same IP address. You could in theory play nasty games with
port forwarding, but this would be an administrative nightmare.

So please contact your Microsoft support if this client behaviour does not meet
your security requirements.

Volker
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20051130/b816eccc/attachment.bin


More information about the samba-technical mailing list