08.11.2022 14:19, Vincent Danjean wrote:
[building samba with mit kerberos]
Actually, I had a thought like this for quite some time, to try
the MIT kerberos samba build. Myself, I don't know much about the
two kerberos implementations and less so about their usage in
samba. What I do know is that redhat/fedora uses mit-kerberos builds
of samba for quite some time, their build instructions removes whole
thord_party/heimdal directory as the very first step to ensure this
stuff is never used by samba build. So it might be interesting to
take a look there.
For now I have other stuff to do but this is definitely in my todo list.
An additional data point: with samba, you have to rely on your own
basically, since for many things, there's no one to assist you.
Thank you for your feedback. Perhaps, the first thing I will do
will be to get the fedora smbclient binary (with its libraries)
just to check that my use case would be successful.
In any case, I will report here the progress I do if any.
I just gave it a try, and it went rather smooth actually, - one needs
to add the libkrb5-dev package to build-depends, specify 3 extra
configure options, and adjust file lists for a few packages (exclude
heimdal libs and include a few new files).
But now I've a big question, actually two:
1. how does one sets up the samba AD DC --with-experimental-mit-ad-dc,
2. how does one "upgrade" existing samba AD DC controller created with
samba which was built with the embedded heimdal, to samba built
--with-experimental-mit-ad-dc ?
I guess this is a question for samba-users@ ?
Thanks,
/mjt
