help-shishi
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: kerberos and ldap: Standards?

From: Simon Josefsson
Subject: Re: kerberos and ldap: Standards?
Date: Tue, 18 Apr 2006 10:35:15 +0200
User-agent: Gnus/5.110005 (No Gnus v0.5) Emacs/22.0.50 (gnu/linux) 
Hi Elrond!  Sorry for the slow response.

Elrond <address@hidden> writes:

> Maybe a bit off-topic, but:
>
> I know about hdb.schema from heimdal.
>
> Are there any other notable standards about storing
> kerberos related information in ldap?

Have you seen:

http://josefsson.org/cgi-bin/viewcvs.cgi/shishi/doc/specifications/draft-johansson-kerberos-model-02.txt?rev=1.1&view=auto

I read an earlier version of it before writing shisa.  I don't use
their ideas directly, but tried to avoid doing something stupid that
would difficult to map between shisa and their information model.

> Currently I'm interested in an attribute, that stores the
> kerberos' principal name, that relates to a DN/account.
>
> In hdb.schema this is krb5PrincipalName.

I think you could write a new shisa module that would get the
information the KDC requests from shisa from the LDAP server.  Copy
file.c and file.h into ldap.c and ldap.h and start modifying it...  It
probably require some work, but maybe I can assist you.

Regards,
Simon
reply via email to
[Prev in Thread] Current Thread [Next in Thread]