[Samba] logging lines in krb5.conf
Jason Keltz
jas at eecs.yorku.ca
Mon Oct 5 18:29:15 UTC 2020
On 10/5/2020 12:44 PM, Rowland penny via samba wrote:
> On 05/10/2020 17:27, Jason Keltz via samba wrote:
>>
>> Hi Roland,
>>
>> I'm glad you brought that up. This is a piece of the puzzle I have
>> been very confused with. I'm not using the Samba from CentOS/RHEL,
>> but a custom compiled one (latest 4.11.13). As CentOS uses MIT
>> Kerberos by default, am I not automatically using MIT Krb5 on the
>> server in the mode you describe as "Experimental"? Is Samba
>> re-implenting the Heimdal based Kerberos, or using the system
>> Kerberos? Do I have a choice? And If my system doesn't use Heimdel
>> and only has MIT Krb5 libraries, isn't that what would be used?
>> Here's the ldd on the samba binary...
>
> It depends on how you actually built Samba, did you pass
> '--with-system-mitkrb5 --with-experimental-mit-ad-dc' to configure ?
>
> You could try running 'smbd -b | grep HAVE_LIBKADM5SRV_MIT' on the DC
>
> Rowland
Hi Rowland,
Our auto build system is compiling with this:
--with-acl-support
--with-piddir=/run
--with-configdir=/etc/samba
--with-statedir=/local/samba/locks
--with-cachedir=/local/samba/cache
--with-lockdir=/local/samba/lock
--with-privatedir=/local/samba/private
--with-sockets-dir=/run
--with-privileged-socket-dir=/var/lib
--with-logfilebase=/local/log
--with-syslog
However,
> % smbd -b | grep HAVE_LIBKADM5SRV_MIT
> HAVE_LIBKADM5SRV_MIT
I'd like to believe that the Kerberos implementation with Samba could
run independent of the O/S one, but I suspect that if you have MIT
Kerberos, it's going to compile with that?
Jason.
More information about the samba
mailing list