|
|
Andrew Bartlett wrote:
When we finish the work to use Heimdal externally, it will be trivial to
package a 'hdb_samba4.so' that the kadmind (or an externally launched
KDC if someone is mad enough to want that) would be quite happy to load,
should that be how you wish to manage it. We already implement the enum
and a few other methods that the KDC will never use, just for this
case :-)
There maybe a few points to consider:
1. Samba will probably be much happier in the long run, if it manages to
put 'hdb_samba4.so' (and 'win_dc' plugin as well) into Heimdal's tree,
so that it is updated/patched together with the rest of their code.
2. When linux-minded person reads that Samba uses Heimdal KDC under the
hood, the person immediately installs Heimdal's client tools, and tries
to launch kadmin on the server. When the servers replies negatively, the
person glances the docs, and after no clues found there, writes to the
mailing list. The person may optionally try to find the solution in the
source code, but that doesn't change much ATM ;)
3. Using external KDC is a solution that address both 1. and 2. from
above. However, the solution seems to be in a distant future. However,
there is a half-way solution: internally build the external KDC with
proposed Samba-related patches. This will require an /etc/init.d-style
script to launch that KDC after Samba, similarly to how smbd is launched
after nmbd in Samba 3.
--
Sergey Yanovich
Abstract Accounting Ltd.
http://aasii.org/
|
|