Rob Verduijn changed bug 794744
What Removed Added
Status RESOLVED REOPENED
Resolution FEATURE ---

Comment # 29 on bug 794744 from 
Hi all,

It's been a while.

In the other week I got an email from the samba notification list.
4.7.0 was released 

However the interesting bit was in the release notes:
https://www.samba.org/samba/history/samba-4.7.0.html

I noticed this bit :

Samba AD with MIT Kerberos
--------------------------

After four years of development, Samba finally supports compiling and
running Samba AD with MIT Kerberos. You can enable it with:

    ./configure --with-system-mitkrb5

Samba requires version 1.15.1 of MIT Kerberos to build with AD DC support.
The krb5-devel and krb5-server packages are required.
The feature set is not on par with the Heimdal build but the most important
things, like forest and external trusts, are working. Samba uses the KDC binary
provided by MIT Kerberos.

Missing features, compared to Heimdal, are:
  * PKINIT support
  * S4U2SELF/S4U2PROXY support
  * RODC support (not fully working with Heimdal either)

The Samba AD process will take care of starting the MIT KDC and it will load a
KDB (Kerberos Database) driver to access the Samba AD database.  When
provisioning an AD DC using 'samba-tool' it will take care of creating a
correct
kdc.conf file for the MIT KDC.

For further details, see:
https://wiki.samba.org/index.php/Running_a_Samba_AD_DC_with_MIT_Kerberos_KDC


As James McDonough mentioned in comment 25.
Until MIT kerberos is supported in the AD DC, we simply will not ship anything
related to the AD DC code.


It is now being shipped with MIT-kerberos supported AD DC.

Looking forward to the release on suse :-P

Rob Verduijn

You are receiving this mail because: