Michael Tokarev
2022-Nov-11 08:02 UTC
[Samba] switching to mit-krb5 on a Samba AD DC: kdc.conf?
Hello! After successfully building Debian/Ubuntu samba packages with MIT Kerberos, I tried to switch the Samba DC from Heimdal Kerberos implementation to MIT. And I wonder why samba can't generate the kdc.conf file itself when it is about to run the krb5kdc thing? It looks like it is the only real thing needed to switch between the two, to generate /var/lib/samba/private/kdc.conf file with a well-known contents (with the name of the domain in question in side). It is relatively easy to do that in a script but it is even easier to do that from within samba binary, like it is done when creating the DC initially. Why can't samba do this internally on demand? Thanks! /mjt