My network is extremely simple, having a few clients, a DiskStation, and a VM on the DiskStation. Advanced features of file sharing, including SMB/CIFS and NFS, largely depend on the availability of Kerberos, and so I am trying to understand how I might add Kerberos without adding any hardware. For brevity, and because my knowledge of the Kerberos architecture and operation is still limited, I will use the term "Kerberos server" to refer to all software components that must be available in a minimal Kerberos deployment, other than LDAP, a file sharing service, and clients.
DSM appears to be able to communicate with a Kerberos server after importing a key database. It also provides LDAP service through an extension package. Support for operating a Kerberos server, however, appears not to be available as either a builtin feature or through an extension package. Running a Kerberos server on a DiskStation appears not to be a common use case. What is the easiest way to do it, if someone were determined? I suppose that running in a VM on the DiskStation is possible in principle, but a much heavier option than I would prefer.
DSM appears to be able to communicate with a Kerberos server after importing a key database. It also provides LDAP service through an extension package. Support for operating a Kerberos server, however, appears not to be available as either a builtin feature or through an extension package. Running a Kerberos server on a DiskStation appears not to be a common use case. What is the easiest way to do it, if someone were determined? I suppose that running in a VM on the DiskStation is possible in principle, but a much heavier option than I would prefer.