Kerberos Backend for LDAP

Sam Hartman hartmans at MIT.EDU
Tue Apr 15 17:18:53 EDT 2003

It's important to distinguish two related things:

1) A backend to allow a KDC to use LDAP to store principal data.  This
   has been implemented for Heimdal.

2) An interface to allow LDAP to be used to look at principal data.
   There is ongoing work in the IETF to specify such an interface.

Note that 1 does not strictly imply 2.  The interface that the KDC
uses may well be something that you don't want to expose to anyone
besides the KDC.

More information about the Kerberos mailing list