[Kdc-info] Re: [kdc-schema] LDAP password policy
Leif Johansson
leifj at it.su.se
Mon Jul 14 13:57:15 EDT 2003
Shishir Nagaraj wrote:
<snip>
>
> While kerberos password policy model would benefit from the experience
> of the LDAP password policy model, the schema should be able to handle
> the scenarios of integrated and separate policy instances at the same
> time.
Agreed. My take is that there must be (?) semantic overlap between
kerberos and ldap password policy
(and between kerberos set/change password protocol and ldap set password
exop) which might be resolved.
In the context of the ldap schema this group is looking at writing and
from the point of view of a ldap client
talking to the ldap "kadmin" service of a kdc having these pairs of
services/schema be interchangeable would
seem to be a nice outcome of our work.
MVH leifj
More information about the kdc-info
mailing list