Samba to maintain Kerberos library configuration
Ondrej Valousek
webserv at s3group.cz
Wed Aug 26 00:47:23 MDT 2009
> No it's not useless at all.
>
> All MIT Kerberos library can do is to return one of the many DCs
> available but they have no way to tell which one is the closest.
>
> You may end up being unlucky and try to send your requests to a server
> on the other side of the world connected by a 56K modem.
>
> Of course this is not a concern if you don't have more than one site and
> all your DCs are equally reachable and fast.
>
> Simo.
>
Hi Simo,
Interesting! Couple of points / questions though:
1. Any thought's why RedHat'ish samba is not shipped with this?
2. Is there anything similar for ldap (i.e. something like
winbind_ldap_locator)? I am asking as we might reuse this one for
automounter, too.
3. Ultimately, it will not help me with configuring the krb5.conf
itself. I know Centrify does this (quite nicely), but it is a commercial
product so I hoped Samba have something similar, too.
Many thanks,
Ondrej
More information about the samba-technical
mailing list