[19075] in Kerberos
Re: Kerberos Backend for LDAP
daemon@ATHENA.MIT.EDU (Sam Hartman)
Tue Apr 15 17:21:37 2003
To: Booker Bense <bbense@SLAC.Stanford.EDU>
From: Sam Hartman <hartmans@MIT.EDU>
Date: Tue, 15 Apr 2003 17:20:18 -0400
In-Reply-To: <Pine.LNX.4.51.0304151037570.18369@telemark.slac.stanford.edu>
(Booker Bense's message of "Tue, 15 Apr 2003 10:51:33 -0700 (PDT)")
Message-ID: <tsladercval.fsf@konishi-polis.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
cc: kerberos@mit.edu
cc: Matthew Smith <matt@forsetti.com>
cc: greg@enjellic.com
Errors-To: kerberos-bounces@mit.edu
>>>>> "Booker" == Booker Bense <bbense@SLAC.Stanford.EDU> writes:
Booker> - There are quite a few people that think this kind of
Booker> setup would be a good idea. It would help in a lot of
Booker> areas in which kerberos is currently very weak or has
Booker> missing standards. Probably the biggest benefit would be
Booker> a standardized admin interface and an incremental
Booker> replication protocol. Although since LDAP lacks record
Booker> locking, you'd have to be a bit careful.
I don't think you can get both from the same approach. And I'm not
convinced that LDAP replication is really enough for Kerberos's needs.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
