On Sat, 2005-07-09 at 18:51 +1000, Brian May wrote: > >>>>> "Andrew" == Andrew Bartlett <abartlet@samba.org> writes: > > Andrew> Samba4 will include a copy of Heimdal kerberos, crippled > Andrew> such as to be built into Samba4's smbd. Indeed, the rsh, > Andrew> kx and even kadmin and kdc binaries will not be available > Andrew> to the user. > > Presumably you will be able to disable this crippled Kerberos support > if you want the real thing, and Samba4 will work with the real thing? Sort of, eventually. Nothing in Samba4 will by default conflict with the kerberos installation on the host, so you will be able to install all these yourself. The current plan is that we will initially ship a possibly modified, known snapshot of Heimdal with Samba4, and that we will interact closely with that snapshot. As we get further into released versions of Samba4, and as we get volunteers to maintain stringent configure checks, I'll be happy to allow us to optionally link to a system krb5 lib. I know some distributors will be very keen to do this, but they will also take on the risk that a Samba upgrade may force a change to those libs (because incompatibilities with windows clients may well be in krb5/gssapi or Samba, and the fix could fit anywhere in there). My nightmare is that the clikrb5.c glue layer we currently maintain might balloon out in size, and in that case I would prefer to say 'no' to external krb5 libs than create a quagmire there. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Samba Developer, SuSE Labs, Novell Inc. http://suse.de Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net
This is a digitally signed message part