samba - Apr 2019 - GPO Filtering Denied

> > > 
> > > There are two opensource kerberos servers, one is MIT, which is
the
> > > default on red-hat distros, the other is Heimdal, which is the
> > > default for Samba. After a lot of work, Fedora is now using MIT
> > > with Samba, but there is still a lot more to do, so it is
> > > recommended to only use the Fedora packages for testing and Samba
> > > with MIT is marked as experimental.
> > > 
> > > > 
> > > > What are my other choices?  Compile from source? 
> > > 
> > > You can compile from source, but this would entail either
creating
> > > your own RPM's or setting the configure options to place
Samba into
> > > where Fedora expects it to be (which could be overwritten by a
> > > later distro update) or just running './configure' which
would
> > > place Samba entirely into /usr/local/samba. You could also try to
> > > find a repo that supplies Fedora RPM's that use Heimdal.
> > > 
> > > Another option is to use a distro that has always used Heimdal,
> > > Debian is such a distro, but their Samba packages are bit old,
this
> > > isn't a big problem, you can find later Samba packages here: 
> > 
> > I was just doing some searches for other distributions.  Centos was
> > said to be based on Redhat.  Do you know if it would be a good one to
> > use for Samba DC?
> > 
> 
> Centos is RHEL recompiled and as such, it will suffer from the same
> problems as Fedora (some people call Fedora, RHEL testing) from the
> Samba point of view. Basically, if you are going to change distro, you
> need to find one that doesn't use MIT as its default kerberos server.
> This will probably mean one that doesn't use RPM's.
Ok, so Debian?  What about Ubuntu?

Thank you.
> 
> Rowland
> 


This email message and any attachments are for the sole use of the 
intended recipient(s) and may contain proprietary and/or confidential 
information which may be privileged or otherwise protected from 
disclosure. Any unauthorized review, use, disclosure or distribution is 
prohibited. If you are not the intended recipient(s), please contact the 
sender by reply email and destroy the original message and any copies of 
the message as well as any attachments to the original message.

On Fri, 19 Apr 2019 10:26:09 -0600
durwin at mgtsciences.com wrote:
> > >   
> > 
> > Centos is RHEL recompiled and as such, it will suffer from the same
> > problems as Fedora (some people call Fedora, RHEL testing) from the
> > Samba point of view. Basically, if you are going to change distro,
> > you need to find one that doesn't use MIT as its default kerberos
> > server. This will probably mean one that doesn't use RPM's.  
> 
> Ok, so Debian?  What about Ubuntu?
If you use 18.04, you can find up to date deb's at the same place as
the Debian ones: http://apt.van-belle.nl/

Rowland

> On Fri, 19 Apr 2019 10:26:09 -0600
> durwin at mgtsciences.com wrote:
> 
> > > > 
> > > 
> > > Centos is RHEL recompiled and as such, it will suffer from the
same
> > > problems as Fedora (some people call Fedora, RHEL testing) from
the
> > > Samba point of view. Basically, if you are going to change
distro,
> > > you need to find one that doesn't use MIT as its default
kerberos
> > > server. This will probably mean one that doesn't use
RPM's.
> > 
> > Ok, so Debian?  What about Ubuntu?
> 
> If you use 18.04, you can find up to date deb's at the same place as
> the Debian ones: http://apt.van-belle.nl/
Thank you.  I looked back at the website I was following.  I hadn't 
noticed
it till now.  It does say 'Create an Active Directory Infrastructure with 
Samba4 on Ubuntu – Part 1'.
So I will try Ubuntu.  Thank you for time Rowland.

Durwin



This email message and any attachments are for the sole use of the 
intended recipient(s) and may contain proprietary and/or confidential 
information which may be privileged or otherwise protected from 
disclosure. Any unauthorized review, use, disclosure or distribution is 
prohibited. If you are not the intended recipient(s), please contact the 
sender by reply email and destroy the original message and any copies of 
the message as well as any attachments to the original message.