winbind_krb5_locator — A plugin for MIT and Heimdal Kerberos for detecting KDCs using Windows semantics.
This plugin is part of the samba(7) suite.
winbind_krb5_locator is a plugin that permits MIT and
Heimdal Kerberos libraries to detect Kerberos Servers (for the KDC and
kpasswd service) using the same semantics that other tools of the Samba
suite use. This include site-aware DNS service record lookups and caching
of closest dc.
The plugin uses the public locator API provided by most modern Kerberos
MIT Kerberos (at least version 1.5) or Heimdal Kerberos (at least version 1.0) is required.
The plugin queries the winbindd(8) daemon which needs to be configured and started separately.
winbind_krb5_locator.so file needs to be manually
copied to the plugin directory of the system Kerberos library.
For MIT Kerberos this is often:
For Heimdal Kerberos this is often:
Please check your local Kerberos installation for the correct
paths. No modification in
is required to enable the use of this plugin.
After copying the locator plugin to the appropriate plugin
directory it should immediately be available for use.
Users should be able to kinit into their kerberized Windows
environment without any modification or servers
being put manually into