[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: KDC config heimdal/samba4

On Fri, 2007-10-19 at 12:54 +0200, Johan Pellkvist wrote:
> Hi,
> I am playing around with heimdal included in samba4...
> Anybody know how to configure samba/heimdal-kdc like a standalone
> heimdal,
> I cannot find any configuration files for this...

This isn't really possible.  It will always use the Samba4 database. 

> How can I get a samba4/heimdal kdc to use AES encryption keys for
> heimdal clients such as kinit ?
> When trying heimdals kinit against a samba4 I always get an
> arcfour-hmac key...
> Any ideas ?

This changed because we haven't yet done the analysis to see how this
encryption type is stored in the active Directory 'password blob'.  

We could consider re-enabling the old code that stores this in a asn1
structure when we don't wish to participate in AD replication, but we
are very keen to avoid putting roadblocks in the way of that. 

Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.

This is a digitally signed message part