Kerberos Backend for LDAP

[Sam Hartman]

It's important to distinguish two related things:

1) A backend to allow a KDC to use LDAP to store principal data.  This
   has been implemented for Heimdal.

2) An interface to allow LDAP to be used to look at principal data.
   There is ongoing work in the IETF to specify such an interface.

Note that 1 does not strictly imply 2.  The interface that the KDC
uses may well be something that you don't want to expose to anyone
besides the KDC.