On Tue, 2006-11-07 at 20:31 +1100, Andrew Bartlett wrote:
> Just a heads up that I know about the portability issues introduced with
> the merge of lorikeet-heimdal onto Samba4. I would appreciate any
> assistance in fixing any hosts I've broken, but in any case, I expect to
> spend the next couple of days chasing this down.
> Please also let me know if you find any strange kerberos behaviours.
Well, I think I've almost finished my 3 weeks of Heimdal wrangling. The
diff between Samba's lorikeet-heimdal and Heimdal itself is now about
500 lines, mostly being a few extra hooks we need.
We have made very good progress on API extension, with the new
krb5_rd_req_ctx() replacing the ugly hack that was
Much of the work was porting our changes into Heimdal, and handling the
subtle changes introduced when features like 'DCE_STYLE' GSSAPI were
Soon we may be in a position to be able to unpack a Heimdal tarball into
heimdal, rather than require our own modified copy. (We may not want
to, but having pristine upstream sources would be a very good thing).
My next aim is to use PKINIT to support smart card login to Windows
hosts in a Samba domain.
I'll also return to the LDAP server work, with my sights set on Fedora
DS. Oh, and I've got my wedding coming up very soon, so I might get
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc. http://redhat.com