Re: Current ideas on kerberos requirements for Samba4

[Howard Chu <hyc@highlandsun.com>]

Andrew Tridgell wrote:
> Howard,
> 
> The type of users we are aiming at are not the ones who read
> documentation on ancillary packages. We have trouble enough getting
> our users to read the Samba docs, let alone reading the docs on half a
> dozen external services they would need to install to make Samba4
> work.

> For the types of end users we are aiming for, setting up a kerberos
> realm is like asking them to setup /etc/memcpy.conf. The fact that we
> call memcpy() in Samba is completely irrelevant to what our users are
> trying to achieve, which is to install a file server for their windows
> clients.  They don't care that we use memcpy(), and they don't care
> that recent versions of windows now send auth packets formatted
> according to krb5 standards.

We seem to have a basic philosophical disagreement here. I'll make one
more response in that regard and then let it drop. Yes, it is a Good 
Thing to make software easier to use. But (IMO) it is Not a Good Thing 
to cater to user ignorance. This is what the American entertainment 
industry has been doing for decades. Yes, it makes that industry a tidy 
profit year after year, and it also encourages more and more people to 
turn off their brains.

As the developer of a piece of software that is extremely popular and 
widely deployed, you are in a unique position to influence the world, 
for good or ill. You can aim for the low engagement user, and drag the 
rest of the world down to their level, or you can aim for a higher 
grade, and encourage the world to come up to your standard. (Besides, 
aiming to make software that even idiots can use is always a losing 
proposition - as the saying goes, you can't make anything idiot-proof 
because Nature will just make a better idiot.)

The issue is particularly critical here, because you're talking about 
integrating a piece of security infrastructure. Security and ignorance 
cannot coexist. Sure, people don't have to understand the 3-way 
handshakes and all the encryption layers to be productive, but they do 
have to understand the basic notions of Trust as it relates to 
principals and realms. Nobody is going to just drop it in and turn it on 
and go merrily on their way. Not even Windows administrators.

> I think that Samba3 is far to hard too install and configure. I want
> to make Samba4 much easier, and my fear is that it will in fact become
> much harder as we start to become dependent on more external tools.

You can create a nicely integrated package from multiple components 
without needing to reimplement all of the components. Symas has done it 
with our CDS packages (OpenLDAP+BerkeleyDB+Cyrus SASL+Heimdal+OpenSSL), 
and PADL has done it with XAD. You get far more mileage out of your own 
time and resources by leveraging what already exists. When you run into 
rough edges, you beat them into submission and move on...  ;)

> One way of looking at this is that we are trying to protect the MIT
> and Heimdal communities from the hordes of Samba users asking you
> silly questions when Samba4 comes out :-)

Some times, hordes of annoying questions can be a good motivator for 
projects to improve their docs and/or ease-of-use. It certainly exposes 
weak spots...
-- 
   -- Howard Chu
   Chief Architect, Symas Corp.       Director, Highland Sun
   http://www.symas.com               http://highlandsun.com/hyc
   Symas: Premier OpenSource Development and Support