blob: 0af0c2cc95fe77c688de30bf322ede078788f1db (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
|
<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
<refentry id="winbind_krb5_locator.8">
<refmeta>
<refentrytitle>winbind_krb5_locator</refentrytitle>
<manvolnum>8</manvolnum>
<refmiscinfo class="source">Samba</refmiscinfo>
<refmiscinfo class="manual">8</refmiscinfo>
<refmiscinfo class="version">&doc.version;</refmiscinfo>
</refmeta>
<refnamediv>
<refname>winbind_krb5_locator</refname>
<refpurpose>A plugin for MIT and Heimdal Kerberos for detecting KDCs using Windows semantics.</refpurpose>
</refnamediv>
<refsect1>
<title>DESCRIPTION</title>
<para>
This plugin is part of the <citerefentry><refentrytitle>samba</refentrytitle>
<manvolnum>7</manvolnum></citerefentry> suite.
</para>
<para>
<command>winbind_krb5_locator</command> is a plugin that permits MIT and
Heimdal Kerberos libraries to detect Kerberos Servers (for the KDC and
kpasswd service) using the same semantics that other tools of the Samba
suite use. This include site-aware DNS service record lookups and caching
of closest dc.
The plugin uses the public locator API provided by most modern Kerberos
implementations.
</para>
</refsect1>
<refsect1>
<title>PREREQUISITES</title>
<para>
MIT Kerberos (at least version 1.5) or Heimdal Kerberos (at least version
1.0) is required.
</para>
<para>
The plugin queries the <citerefentry><refentrytitle>winbindd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> daemon which needs to be configured
and started separately.
</para>
<para>
The <command>winbind_krb5_locator.so</command> file needs to be manually
copied to the plugin directory of the system Kerberos library.
For MIT Kerberos this is often:
<filename>/usr/lib/krb5/plugins/libkrb5/</filename>.
For Heimdal Kerberos this is often:
<filename>/usr/lib/plugin/krb5/</filename>.
Please check your local Kerberos installation for the correct
paths. No modification in <filename>/etc/krb5.conf</filename>
is required to enable the use of this plugin.
</para>
<para>
After copying the locator plugin to the appropriate plugin
directory it should immediately be available for use.
Users should be able to kinit into their kerberized Windows
environment without any modification or servers
being put manually into <filename>/etc/krb5.conf</filename>.
</para>
</refsect1>
<refsect1>
<title>VERSION</title>
<para>
This man page is part of version &doc.version; of the Samba suite.
</para>
</refsect1>
<refsect1>
<title>AUTHOR</title>
<para>
The original Samba software and related utilities were created by Andrew
Tridgell. Samba is now developed by the Samba Team as an Open Source
project similar to the way the Linux kernel is developed.
</para>
<para>
The winbind_krb5_locator manpage was written by Guenther Deschner.
</para>
</refsect1>
</refentry>
|