[Samba] switching to mit-krb5 on a Samba AD DC: kdc.conf?
Michael Tokarev
mjt at tls.msk.ru
Fri Nov 11 08:02:31 UTC 2022
Hello!
After successfully building Debian/Ubuntu samba packages with MIT Kerberos,
I tried to switch the Samba DC from Heimdal Kerberos implementation to MIT.
And I wonder why samba can't generate the kdc.conf file itself when it is
about to run the krb5kdc thing? It looks like it is the only real thing
needed to switch between the two, to generate /var/lib/samba/private/kdc.conf
file with a well-known contents (with the name of the domain in question
in side). It is relatively easy to do that in a script but it is even
easier to do that from within samba binary, like it is done when creating
the DC initially.
Why can't samba do this internally on demand?
Thanks!
/mjt
More information about the samba
mailing list