LDAP Schema Design Suggestions?
Nicolas Williams
Nicolas.Williams at sun.com
Tue Oct 24 22:35:57 EDT 2006
On Tue, Oct 24, 2006 at 06:19:04PM -0700, Henry B. Hotz wrote:
> No, I'm not talking about using LDAP to store the back-end for a KDC.
>
> I'm wondering if there are any thoughts or wisdom related to RFC 2307
> (or successors) about how to store meta-information about Kerberos
> principals. That RFC defines schema's for "machines" and things with
> IP numbers. I also need to associate an "owner" for non-people
> principals.
Users don't make good owners. They change job descriptions, go on
extended vactions/sabatticals, leave, die, are laid off, are fired...
IMO groups make much better owners.
Nico
--
More information about the Kerberos
mailing list