MIT kerberos vs heimdal

Tomasz Pala gotar at
Sat Feb 7 18:15:24 CET 2015

On Sat, Feb 07, 2015 at 17:38:39 +0100, Jan Rękorajski wrote:

> That was old reason, last time I checked MIT did not have LDAP
> and Samba support. Also no Samba flavor ever built with MIT,

It still doesn't have smbk5pwd if that is what you meant, but honestly I don't
understand what is this all about (I don't use AD). Well, more than
written here:
But there is LDAP backend:

Oh, and I've just found this thread:
pointing to

> and that's crucial now Samba is a real AD server. Just read README.dc
> from Fedora's samba package, it's so pathetic it still makes me
> laugh my ass off.
> That were the reasons we switched to Heimdal.

How can I set default and user password policy using Heimdal without
LDAP (I won't put passwords into public directory designed for
authorization not authentication)? I need plain authentication service,
no LDAP and no SASL involved.

Tomasz Pala <gotar at>

More information about the pld-devel-en mailing list