Andrew Bartlett abartlet at samba.org
Fri Oct 30 03:25:29 UTC 2020

On Fri, 2020-10-30 at 03:05 +0100, Jacek via samba wrote:
>  >
> I do not understand why you are doing this, for kerberos to work 
> correctly, you need to be able to find everything easily and
> everything 
> must be using the same time. So, you need kerberos, a dns server and
> an 
> ntp server and if you want more than authentication, you need a 
> fileserver. OH look, I just described Active Directory 😁
> Not saying you cannot get this setup to work, but why are you
> attempting 
> to reinvent the wheel ?
> Rowland
>   He did not reinvent the wheel.
>   I tested Samba DC out of curiosity, but it had too many bugs to
> use, 
> so I quit DC and went back to Standalone.

The fact that you discard a well tested and well understood
configuration for another valid, but not-well-tested and much less
widely understood configuration suggests to me that you may need to
spend a lot more time with your curiosity if you want this to work.

Yes, we can currently accept 'MIT style' kerberos tickets from an old-
style realm, but I would never advise to start a new realm in 2020 that

Andrew Bartlett

Andrew Bartlett                       https://samba.org/~abartlet/
Authentication Developer, Samba Team  https://samba.org
Samba Developer, Catalyst IT          

More information about the samba mailing list