Heimdal V.S. MIT on SAMBA4

Andrew Bartlett abartlet at samba.org
Thu Oct 27 01:32:36 GMT 2005

On Wed, 2005-10-26 at 21:04 -0400, John E. Malmberg wrote:
> Andrew Bartlett wrote:
> >>John E. Malmberg wrote:
> >>
> >>
> >>>Is there some place that I can get a list of the changes that were
> >>>done to Heimdal Kerberos for SAMBA 4?
> > 
> > Is this just the general rule (more than one krb5 == pain), or something
> > extra and specific to OpenMVS?
> > Because we do not install or rely on shared libraries for krb5 or ldap,
> > we avoid most of that pain.  (They are just more items in the
> > objectlist).
> I really do not know at this point, my suspicion is that the person 
> thinks that SAMBA is taking over the Kerberos Server ports and not just 
> being a client.

Oh, we will certainly be doing that.  The KDC is one of the many
services that Samba4 will provide, and just like you can only run one
web server per IP, you can only run one KDC per IP.

The interesting issue is how to deal with sites that have an existing
kerberos infrastructure, and want to run Samba4 as well.  This will be
painful, so I'm looking first at sites that do not have kerberos (NT4,
Samba3), or are migrating totally from AD.  

Andrew Bartlett
Andrew Bartlett                                http://samba.org/~abartlet/
Samba Developer, SuSE Labs, Novell Inc.        http://suse.de
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20051027/fb9e933e/attachment.bin

More information about the samba-technical mailing list