From 12b623088cf48cf9e4a046441810ef20e1f079b8 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Wed, 9 Mar 2022 12:39:07 +0100
Subject: [PATCH] docs-xml: add 'kdc enable fast' option

This will be useful to test against a KDC without FAST support
and find/prevent regressions.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15002
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15005

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
---
 docs-xml/smbdotconf/security/kdcenablefast.xml | 15 +++++++++++++++
 lib/param/loadparm.c                           |  2 ++
 source3/param/loadparm.c                       |  2 ++
 3 files changed, 19 insertions(+)
 create mode 100644 docs-xml/smbdotconf/security/kdcenablefast.xml

diff --git a/docs-xml/smbdotconf/security/kdcenablefast.xml b/docs-xml/smbdotconf/security/kdcenablefast.xml
new file mode 100644
index 00000000000..e47ca3b0bd4
--- /dev/null
+++ b/docs-xml/smbdotconf/security/kdcenablefast.xml
@@ -0,0 +1,15 @@
+<samba:parameter name="kdc enable fast"
+                 type="boolean"
+                 context="G"
+                 xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
+<description>
+	<para>With the Samba 4.16 the embedded Heimdal KDC brings
+	support for RFC6113 FAST, which wasn't available in
+	older Samba versions.</para>
+
+	<para>This option is mostly for testing and currently only applies
+	if the embedded Heimdal KDC is used.</para>
+</description>
+
+<value type="default">yes</value>
+</samba:parameter>
diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c
index cae763b44ea..d6d845391e6 100644
--- a/lib/param/loadparm.c
+++ b/lib/param/loadparm.c
@@ -2695,6 +2695,8 @@ struct loadparm_context *loadparm_init(TALLOC_CTX *mem_ctx)
 	lpcfg_do_global_parameter(lp_ctx, "krb5 port", "88");
 	lpcfg_do_global_parameter(lp_ctx, "kpasswd port", "464");
 
+	lpcfg_do_global_parameter(lp_ctx, "kdc enable fast", "True");
+
 	lpcfg_do_global_parameter(lp_ctx, "nt status support", "True");
 
 	lpcfg_do_global_parameter(lp_ctx, "max wins ttl", "518400"); /* 6 days */
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 96b72c2dfe0..630937e521d 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -942,6 +942,8 @@ static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals)
 
 	Globals.kpasswd_port = 464;
 
+	Globals.kdc_enable_fast = true;
+
 	Globals.aio_max_threads = 100;
 
 	lpcfg_string_set(Globals.ctx,
-- 
2.34.1