[4717] in Kerberos
Re: Kerberos getpwnam() equivalent...
daemon@ATHENA.MIT.EDU (Frank Lonigro)
Thu Mar 2 10:49:28 1995
To: kerberos@MIT.EDU
Date: 2 Mar 1995 14:26:29 GMT
From: franco@bu.edu (Frank Lonigro)
Daniel G. Pouzzner (douzzer@prez.brain.ai.mit.edu) wrote:
: Jeff is quite right.
: What you "really" want is a Hesiod database that contains all your
: users. This is what Hesiod is designed for, and since named caches
: queries, many obvious performance bottlenecks can be avoided.
: If your application is just a pre-check in /bin/login before you
: actually request a user's password, then the technique I offered is
: fine. If it's going to appear in a user program that might call it
: many times each time it is executed, it's a definite no-no (kerberos
: maintains a log which would become quite useless if its S/N dropped
: that low).
: -douzzer
My application is more like the pre-check you mentioned. It is a user program
that will do one and only one lookup on the user who is running the program.
The user may or may not be registered in kerberos and the program will need
to take certain action depending on which it is.
Thanks for your help!
-franco
---
Frank Lonigro Senior Systems Programmer
franco@bu.edu Boston University/Office of Information Technology
