Samba 4

Reindl Harald h.reindl at thelounge.net
Wed Feb 20 20:22:39 UTC 2013 


Am 20.02.2013 21:18, schrieb Shelby:
> http://fedoraproject.org/wiki/Features/Samba4
> 
> Seems a bit conflicting as it was stated somewhere in the release that Fedora 18 and Samba 4 could be used as a DC.

not if you read it really

Samba 4 AD DC functionality relies heavily on Heimdal Kerberos implementation. Samba 4 includes the embedded
Heimdal, if your system misses it, like we have in Fedora. When embedded Heimdal is in use, all Samba 4 code is
compiled against this Kerberos implementation, including client side libraries and tools, and traditional file
serving smbd daemon we know as 'samba' package in Fedora.

Fedora uses MIT Kerberos implementation, both server and client side. Heimdal and MIT Kerberos are targetting to
implement the same Kerberos V protocol but have their own extensions API and certain semantical differences. They
also have slightly different meaning to Kerberos credential cache files format where Kerberos-aware applications
store their Kerberos keys. While this is not an issue for client-server communication over a network (a Heimdal
client does talk the same Kerberos V protocol that MIT Kerberos server understands and vice versa),
interoperability of the client or server code using the same credential cache files on the same system is much less
supported for advanced features like S4U2Proxy and S4U2Self.

> ________________________________________
> From: users-bounces at lists.fedoraproject.org [users-bounces at lists.fedoraproject.org] On Behalf Of Kleber Rocha [klinux at gmail.com]
> Sent: Wednesday, February 20, 2013 1:14 PM
> To: Community support for Fedora users
> Subject: Re: Samba 4
> 
> Samba4 on fedora don't support Domain Control setup, here you can read about this:
> 
> http://wiki.samba.org/index.php/Samba4/MIT_KDC

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 263 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/users/attachments/20130220/7e6f9298/attachment.sig>

More information about the users mailing list