[Samba] problems with sysvol after fsmo transfer

Michael Tokarev mjt at tls.msk.ru
Fri Jan 13 12:46:14 UTC 2023

13.01.2023 15:11, Rowland Penny via samba wrote:
> On 13/01/2023 11:28, Thorsten Marquardt via samba wrote:
...> There is a wiki page about using MIT:
> https://wiki.samba.org/index.php/Running_a_Samba_AD_DC_with_MIT_Kerberos_KDC
> * Computer GPO's are not applied, see [https://bugzilla.samba.org/show_bug.cgi?id=13516 Bug 13516]
> I am unclear about the first three, but the bug referred to in the last one is still open.

FWIW, I can't reproduce this issue with ad dc running samba 4.17 built against mit kerberos.

I asked the other day what are the implications running samba built with MIT krb5
as an AD DC, because other major distributions are doing that for quite some time,
there was nothing conclusive.

At least computer-based group policies are definitely being applied the usual way.
I can only guess if redhat or suse customers actually had a issue with that, they'd
at least do something with it.

On the client side though, samba with MIT kerberos is definitely more usable than
the one built with Heimdal.


More information about the samba mailing list