Wallet: LDAP
Jan-Piet Mens
jpmens.dns at gmail.com
Thu Jun 14 01:15:04 EDT 2012
Russ,
> You may want to grab the latest Git version, which has an implementation
> (although it may still not be quite what you want).
It looks good, but is indeed not quite what I want: your code compares
an attribute type in a principal's LDAP entry to a specified attribute
type, whereas I prefer to search for host or principal in a specified
LDAP tree. While easy enough to change, I think I'll give my idea a
shot.
> > Am I on the right track or is all of this horribly wrong?
>
> Oh, that's a neat idea. Sort of a cool way of faking an arbitrary ACL
> plugin. Yes, that should work fine.
I was hoping you'd say that :) I'll post code when ready.
-JP
More information about the Kerberos
mailing list