MIT kerberos vs heimdal
Tomasz Pala
gotar at polanet.pl
Sat Feb 7 14:52:49 CET 2015
Anyone knows/remembers why did we choose heimdal over MIT? I assume
there were some reasons behind this decision (besides "let's do this in
a different way"), however I'm not sure if they are still valid (e.g.
missing features might have been added, someone might have taken over
abandoned maintaining etc.)
The only note I could find is krb5.spec header, so I'm worried that
current state is drived by inertia only, as every mainstream I
peek uses MIT. Heimdal OTOH requires some patching like:
http://lists.pld-linux.org/mailman/pipermail/pld-devel-pl/2012-October/155947.html
http://comments.gmane.org/gmane.linux.redhat.sssd.devel/7886
I need my KDC to interact with non-PLD MIT-based Linux systems (fortunatelly
without any samba) and I prefer to have MIT password policies (LDAP
integration to use ppolicy requires non-reliable scripting anyway).
--
Tomasz Pala <gotar at pld-linux.org>
More information about the pld-devel-en
mailing list