[WHATSNEW] Samba AD with MIT Kerberos + Version change

Rowland Penny rpenny at samba.org
Thu May 4 07:51:14 UTC 2017


On Thu, 04 May 2017 09:21:44 +0200
Andreas Schneider <asn at samba.org> wrote:

> On Wednesday, 3 May 2017 17:22:36 CEST Rowland Penny via
> samba-technical wrote:
> > On Wed, 3 May 2017 08:33:14 -0600
> > 
> > Jeff Sadowski <jeff.sadowski at gmail.com> wrote:
> > > Thoughts on not having something run on a port. seLinux on Fedora,
> > > Centos. Apparmor for Debian, Ubuntu. I really wish they made those
> > > things easier to use. For testing I always disable them as best I
> > > can.
> > 
> > Apparmor isn't installed, so it isn't that.
> > 
> > OK, fresh git pull:
> > 
> > samba -V
> > Version 4.7.0pre1-GIT-61d6882b54d
> > 
> > I did the two changes as recommended by Andreas and then compiled
> > with:
> > 
> > ./configure --with-system-mitkrb5
> > make
> > make install
> > 
> > I now get an error, python doesn't like Andreas's second patch, so
> > back to mine:
> > 
> > from samba import is_heimdal_built
> > import os
> > 
> > def make_kdcconf(realm, domain, kdcconfdir, logdir):
> > 
> >     if is_heimdal_built:
> >         return
> > 
> > The provision command works, but kdc.conf is not created.
> > 
> > I do not have any Heimdal packages installed, but it seems that the
> > provision seems to think that Heimdal has been built. Looking in
> > pyglue.c , it seems that the test is if 'SAMBA4_USES_HEIMDAL' is
> > defined somewhere and as it seems to returning True, it must be ;-(
> 
> I will look into it after my talk today.
> 
> SAMBA4_USES_HEIMDAL is defined in bin/default/include/config.h
> 
> after you run configure.
> 
> 
> 	Andreas
> 

I tried again, new install of Devuan Jessie upgraded to Ascii (debian
stretch without systemd) installed usual packages plus MIT 1.15.1 from
Louis's packages. Added the two patches and compiled Samba.

Provisioned Samba but kdc.conf is not created and nothing is listening
on port 88.

I have checked config.h and it does not contain 'SAMBA4_USES_HEIMDAL'

Could it be anywhere else ?

Rowland
 



More information about the samba-technical mailing list