MIT kerberos vs heimdal
Tomasz Pala
gotar at polanet.pl
Sat Feb 7 18:15:24 CET 2015
On Sat, Feb 07, 2015 at 17:38:39 +0100, Jan Rękorajski wrote:
> That was old reason, last time I checked MIT did not have LDAP
> and Samba support. Also no Samba flavor ever built with MIT,
It still doesn't have smbk5pwd if that is what you meant, but honestly I don't
understand what is this all about (I don't use AD). Well, more than
written here: https://lists.debian.org/debian-edu/2010/05/msg00019.html
But there is LDAP backend:
http://web.mit.edu/kerberos/krb5-devel/doc/admin/conf_ldap.html
Oh, and I've just found this thread:
http://www.openldap.org/lists/openldap-technical/201402/msg00197.html
pointing to https://github.com/opinsys/smbkrb5pwd
> and that's crucial now Samba is a real AD server. Just read README.dc
> from Fedora's samba package, it's so pathetic it still makes me
> laugh my ass off.
>
> That were the reasons we switched to Heimdal.
How can I set default and user password policy using Heimdal without
LDAP (I won't put passwords into public directory designed for
authorization not authentication)? I need plain authentication service,
no LDAP and no SASL involved.
--
Tomasz Pala <gotar at pld-linux.org>
More information about the pld-devel-en
mailing list