Current ideas on kerberos requirements for Samba4

Gerald (Jerry) Carter jerry at
Tue May 24 17:39:23 EDT 2005

Hash: SHA1

Henrik Nordstrom wrote:
| On Tue, 24 May 2005, Gerald (Jerry) Carter wrote:
|> If you want to add interoperability back to the buffet, then
|> the Samba4 kdc implementation (and LDAP implementation)
|> will have to be world class, scalable implementations.
| I have always assumed the LDAP and KDC server componends
| of Samba4 is  only required if you run Samba as a domain
| controller, while in most if  not all interoperability
| situations Samba runs as a memberserver without
| the LDAP or KDC server components where this
| isn't an issue.
| Based on this I don't really see the concerns. But if
| the above isn't  true then I am truly concerned about
| how to deploy Samba4.

You are correct.  We are strictly talking about being an
AD DC here.

| If you want to run Samba as a AD domain controller (not
| as a member  server) then in my eyes is it quite reasonable
| that Samba provides a LDAP and KDC for this purpose.

My best guess is that the early adopters of Samba 4 will
be entirely for the AD  domain controller functionality.

I used to compare Samba 3 and 4 to apache 1.3 and 2.0.
But it really is not a good comparison.  Samba 3 and 4
are different code bases and in some ways different
projects with different goals.  I expect that Samba 3
and 4 will be deployed side by side for quite some time
until Samba 4 is able to completely replace all of the
crufty features that exist in Samba 3.

cheers, jerry
Alleviating the pain of Windows(tm)      -------
GnuPG Key                -----
"I never saved anything for the swim back."     Ethan Hawk in Gattaca
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Using GnuPG with Thunderbird -


More information about the krbdev mailing list