[Samba] Offical RHEL AD DC on RHEL
- Date: Sun, 19 Feb 2017 06:58:19 +1300
- From: Andrew Bartlett via samba <samba@xxxxxxxxxxxxxxx>
- Subject: [Samba] Offical RHEL AD DC on RHEL
On Sat, 2017-02-18 at 10:36 +0100, Dario Lesca via samba wrote:
> Centos [6,7]* however does not have into current samba 4.x version
> fully support to AD DC (without rebuild the source with some few
> > [lesca@dodo ~]$ rpm -ql samba-dc
> > /usr/share/doc/samba-dc
> > /usr/share/doc/samba-dc/README.dc
> > [lesca@dodo ~]$ cat /usr/share/doc/samba-dc/README.dc
> > MIT Kerberos 5 Support
> > =======================
> > ...The Samba build in Fedora is using MIT Kerberos
> > implementation in order to allow system-wide interoperability
> > between
> > both desktop and server applications running on the same machine.
> > At the moment the Samba Active Directory Domain Controller
> > implementation is not available with MIT Kereberos. FreeIPA and
> > Samba
> > Team members are currently working on Samba MIT Kerberos support as
> > this is a requirement for a GNU/Linux distribution integration of
> > Samba AD DC features.
> > We have just finished migrating the file server and all client
> > utilities to MIT Kerberos. The result of this work is available in
> > samba-* packages in Fedora. We'll provide Samba AD DC functionality
> > as soon as its support of MIT Kerberos KDC will be ready.
> How do you deploy samba AD DC on Centos?
> Manually rebuild it or ...
Yes, or find a package by a third party.
> You know that Samba 4.7 will have support to AD-DC with MIT Kerberos?
There is still a lot of work to do on that as I understand it, and even
then it will require a very modern MIT Krb5, and probably not what is
in RHEL. This will remain a long road, sorry.
Even with all that, users of Samba as an AD DC often wish to obtain a
version (due to bug fixes and new features) that is much more current
than shipping when a RHEL freezes, so I wonder if it will really be
that much use anyway.
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
To unsubscribe from this list go to the following URL and read the