[Samba] classic upgrade, splitting servers
L.P.H. van Belle
belle at bazuin.nl
Wed May 24 07:51:51 UTC 2017
Hai Andrew,
Thank you for the extra info on that.
If thats the case, i do suggest trow in a message in the samba logs that is preffered to have CAPS for you realm.
Because, if people put them in smb.conf without caps, they wil do it also in krb5.conf and other config files.
Wile : https://web.mit.edu/kerberos/krb5-devel/doc/admin/realm_config.html
Stats: Although your Kerberos realm can be any ASCII string, convention is to make it the same as your domain name, in upper-case letters.
Making the more uniform will help in less problems. And finding a "caps" problem is hard, beleave me i know.. ;-)
Thats why i saying this.
I know its not a RFC to have REALM in CAPS but it should be imo.
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: Andrew Bartlett [mailto:abartlet at samba.org]
> Verzonden: woensdag 24 mei 2017 9:42
> Aan: L.P.H. van Belle; samba at lists.samba.org
> Onderwerp: Re: [Samba] classic upgrade, splitting servers
>
> On Wed, 2017-05-24 at 09:11 +0200, L.P.H. van Belle via samba wrote:
> > Hai Stefan,
> >
> > A heads up and few adviced changes/tips for you.
> >
> > smb.conf:
> > realm = my.tld
> > Change to
> > realm = MY.TLD
> >
> > Try to set a REALM always in CAPS. Some programs rely on
> that. ( for
> > example, MIT Kerberos expects realm in CAPS ) So prepair
> for 4.7 now already to save problems in future.
> >
> Samba (which is the only thing that reads smb.conf) always
> upper cases the realm internally prior to use.
>
> (Just trying to avoid one more bit of samba folklore).
>
> Thanks,
>
> Andrew Bartlett
>
> --
> Andrew Bartlett http://samba.org/~abartlet/
> Authentication Developer, Samba Team http://samba.org
> Samba Developer, Catalyst IT
> http://catalyst.net.nz/services/samba
>
>
More information about the samba
mailing list