[Samba] Question about Kerberos and what is the different if compile with internal heimdal or mit-krb5

Nico Kadel-Garcia nkadel at gmail.com
Sun Dec 8 12:49:33 MST 2013

On Sun, Dec 8, 2013 at 1:48 PM, Andrew Bartlett <abartlet at samba.org> wrote:
> On Mon, 2013-12-09 at 00:13 +0800, Chan Min Wai wrote:
>> Dear
>> Would like some know the answer on the above question.
>> What is the different between compiling using internal heimdal library vs
>> mit-krb5.
>> I'm on gentoo and thus like other distro having issue on the system-wide
>> mit-krb and removing it is not that convenient (But still possible)
>> I've try to compile samba 4.1.2 with internal heimdal library to work as a
>> Domain controller
>> But when I see the docs that I need to have krbdc or kinit.. It make me
>> feel that I need to run krb as well..
>> but I don't know the different to run external heimdal (krb)
>> I've check on the #samba chatroom.
>> lyken with a CentOS told that he have mit-krb and the DC is running fine...
>> Which is more that what I know...
> As long as you compile with the internal Heimdal, you can have a Samba
> AD DC and system-wide MIT krb5 without issues.
> Andrew Bartlett

And if you'd like to save some pain assembling all the dependencies
for CentOS 6, poke your nose in at my Samba 4.x compliation suite, and
the notes, at https://github.com/nkadel/samba4repo and the relevant
repositories it demands local copies of: t: samba-srpm, krb5-srpm,
iniparser-srpm, libtdb-srpm, libldb-srpm, libtalloc-srpm,
libtevent-srpm. I've recently updated it to Samba version 4.1.2.

Incorporating the latest ntdb changes with the samba 4.1.x releases
took me a bit of time, but I've found it very useful for testing basic
functions with RHEL 6 based operating systems.

More information about the samba mailing list