[4710] in Kerberos
Re: Kerberos getpwnam() equivalent...
daemon@ATHENA.MIT.EDU (Daniel G. Pouzzner)
Wed Mar 1 21:42:05 1995
Date: Wed, 1 Mar 1995 21:34:56 -0500
From: "Daniel G. Pouzzner" <douzzer@prez.brain.ai.mit.edu>
To: kerberos@MIT.EDU
Jeff is quite right.
What you "really" want is a Hesiod database that contains all your
users. This is what Hesiod is designed for, and since named caches
queries, many obvious performance bottlenecks can be avoided.
If your application is just a pre-check in /bin/login before you
actually request a user's password, then the technique I offered is
fine. If it's going to appear in a user program that might call it
many times each time it is executed, it's a definite no-no (kerberos
maintains a log which would become quite useless if its S/N dropped
that low).
-douzzer
