Win logon to a MIT Kerberos V KDC?

[Turbo Fredriksson]

>>>>> "Luke" == Luke Howard <lukeh at PADL.COM> writes:

    Luke> Adding support to a KDC for the PAC is not that difficult if
    Luke> you have a sensible architecture (for example, an integrated
    Luke> directory backend for the KDC). The difficulty lies in some
    Luke> of the other, unpublished, protocols which are necessary to
    Luke> domain logon.

Isn't M$ publishing all the addition/changes to the LDAP/Kerberos
protocol?

And 'integrated directory backend'. Couldn't that be a OpenLDAP2
server tied with Kerberos (the way openldap2+heimdal combo does it)?