LDAP/Kerberos user management

[Troy Benjegerdes]

On Thu, Aug 22, 2002 at 02:04:23PM -0400, Sam Hartman wrote:
> >>>>> "John" == John Green <green at blueheronbio.com> writes:
> 
>     John> Hi, I am trying to find a method for a principal
>     John> automatically being created in a Kerberos database while at
>     John> the same time adding a corresponding entry to an LDAP
>     John> database.  Has anyone heard of or is anyone using something
>     John> like this?  

Well, I'm planning to implement something like this in the next couple of 
months..
 
> I was working on a prototype of this type of integration and the
> initial hacked-together version can be found at
> http://www.boxedpenguin.com/.  I'm lno longer working for Mekinok--now
> working full-time on Kerberos and that project is basically dead.  But
> it illustrates that you can throw something together and get fairly
> good results quickly.

Hrrrrrrm, the description of what boxedpenguin has right now sounds almost 
exactly like what I want to set up..

All the pieces are out there, it's just a pain to put them together. I 
don't really want to do 'yet another custom local hack' to replace the old 
'custom local hack' we had based on rdist and a big gross perl 'adduser' 
script.

I was toying with the idea of putting up a sourceforge project called 
something like 'Open directory' and have a central place to do all the 
integration and documentation for setting up a system with openafs, krb5, 
ldap, and whatnot.

Do you think it would be worthwhile to resurrect the boxedpenguin project, 
or maybe just get some interested people and start over again?

-- 
Troy Benjegerdes | master of mispeeling | 'da hozer' |  hozer at drgw.net
-----"If this message isn't misspelled, I didn't write it" -- Me -----
"Why do musicians compose symphonies and poets write poems? They do it
because life wouldn't have any meaning for them if they didn't. That's 
why I draw cartoons. It's my life." -- Charles Schulz