[29973] in Kerberos


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

krbUPEnabled LDAP attribute

daemon@ATHENA.MIT.EDU (Klaus Heinrich Kiwi)
Mon Jun 16 23:08:02 2008

From: Klaus Heinrich Kiwi <klausk@linux.vnet.ibm.com>
To: kerberos@mit.edu
Date: Tue, 17 Jun 2008 00:07:10 -0300
Message-Id: <1213672030.17827.44.camel@klausk.br.ibm.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu

Is this attribute actually supported in the current KDB LDAP plugin
implementation? ie.: The only code I can see that it's dealing with this
attribute in the current tree refers to setting the permissions to this
attribute in the LDAP Database (ldap_service_rights.c).

And what actually means that "directory User Password has to be
used" (krbUPEnabled=TRUE)? The required password to authenticate a user
principal would be the same password used to bind with this user DN in
the directory? Is that possible with the current KDB Abstraction Layer?

Thanks!

 -Klaus

-- 
Klaus Heinrich Kiwi <klausk@linux.vnet.ibm.com>
Linux Security Development, IBM Linux Technology Center

________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[29973] in Kerberos

krbUPEnabled LDAP attribute

daemon@ATHENA.MIT.EDU (Klaus Heinrich Kiwi)Mon Jun 16 23:08:02 2008

daemon@ATHENA.MIT.EDU (Klaus Heinrich Kiwi)
Mon Jun 16 23:08:02 2008