Samba to maintain Kerberos library configuration

Ondrej Valousek webserv at
Wed Aug 26 00:47:23 MDT 2009

> No it's not useless at all.
> All MIT Kerberos library can do is to return one of the many DCs
> available but they have no way to tell which one is the closest.
> You may end up being unlucky and try to send your requests to a server
> on the other side of the world connected by a 56K modem.
> Of course this is not a concern if you don't have more than one site and
> all your DCs are equally reachable and fast.
> Simo.
Hi Simo,

Interesting! Couple of points / questions though:

1. Any thought's why RedHat'ish samba is not shipped with this?
2. Is there anything similar for ldap (i.e. something like 
winbind_ldap_locator)? I am asking as we might reuse this one for 
automounter, too.
3. Ultimately, it will not help me with configuring the krb5.conf 
itself. I know Centrify does this (quite nicely), but it is a commercial 
product so I hoped Samba have something similar, too.

Many thanks,

More information about the samba-technical mailing list