samba - Dec 2013 - Question about Kerberos and what is the different if compile with internal heimdal or mit-krb5

Dear All,

Would like some know the answer on the above question.
What is the different between compiling using internal heimdal library vs
mit-krb5.

I'm on gentoo and thus like other distro having issue on the system-wide
mit-krb and removing it is not that convenient (But still possible)

I've try to compile samba 4.1.2 with internal heimdal library to work as a
Domain controller

But when I see the docs that I need to have krbdc or kinit.. It make me
feel that I need to run krb as well..
but I don't know the different to run external heimdal (krb)
I've check on the #samba chatroom.

lyken with a CentOS told that he have mit-krb and the DC is running fine...
Which is more that what I know...

Please help

Thank You.

On Mon, 2013-12-09 at 00:13 +0800, Chan Min Wai wrote:
> Dear All,
> 
> Would like some know the answer on the above question.
> What is the different between compiling using internal heimdal library vs
> mit-krb5.
> 
> I'm on gentoo and thus like other distro having issue on the
system-wide
> mit-krb and removing it is not that convenient (But still possible)
> 
> I've try to compile samba 4.1.2 with internal heimdal library to work
as a
> Domain controller
> 
> But when I see the docs that I need to have krbdc or kinit.. It make me
> feel that I need to run krb as well..
> but I don't know the different to run external heimdal (krb)
> I've check on the #samba chatroom.
> 
> lyken with a CentOS told that he have mit-krb and the DC is running fine...
> Which is more that what I know...
As long as you compile with the internal Heimdal, you can have a Samba
AD DC and system-wide MIT krb5 without issues.  

Andrew Bartlett

-- 
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba