Heimdal KDC, Windows XP and local users
Javier Palacios
javiplx at gmail.com
Mon Jan 14 06:27:58 EST 2008
On Jan 14, 2008 12:06 PM, Volkmar Glauche
<volkmar.glauche at uniklinik-freiburg.de> wrote:
> > Sure. But this again means the toil of maintaining two databases: the
> > NIS map and the KDC database.
>
> I think you will need two databases: one for kerberos credentials and
> another one for account information. Kerberos does not tell you about a
> user's home directory or shell...
You don't need two databases. Both heimdal and MIT current versions
allow LDAP as "database" for credentials so you have a single
database. I've not used MIT, but I've been using heimdal-ldap for a
long time without problems.
Maybe you need two interfaces, but just because you cannot set the
password using only LDAP tools (unless you know the internals of the
way passwords are encoded into the kerberos repository).
Javier Palacios
More information about the Kerberos
mailing list