Current ideas on kerberos requirements for Samba4
Henrik Nordstrom
hno at squid-cache.org
Tue May 24 17:20:40 EDT 2005
On Tue, 24 May 2005, Gerald (Jerry) Carter wrote:
> If you want to add interoperability back to the buffet, then
> the Samba4 kdc implementation (and LDAP implementation)
> will have to be world class, scalable implementations.
I have always assumed the LDAP and KDC server componends of Samba4 is only
required if you run Samba as a domain controller, while in most if not all
interoperability situations Samba runs as a memberserver without the LDAP
or KDC server components where this isn't an issue.
Based on this I don't really see the concerns. But if the above isn't true
then I am truly concerned about how to deploy Samba4.
If you want to run Samba as a AD domain controller (not as a member
server) then in my eyes is it quite reasonable that Samba provides a LDAP
and KDC for this purpose.
But I agree to some extend on your concerns in the long run. If the goal
is to become a full replacement for MS AD then the last word in that name
needs to be fulfilled. MS AD is a quite good directory server capable and
often used for far more than just the domain controller tasks. But I do
not see this as a requirement for the MS AD controller capability of
Samba-4.0.
Regards
Henrik
More information about the krbdev
mailing list