Wallet: LDAP

Jan-Piet Mens jpmens.dns at gmail.com
Thu Jun 14 01:15:04 EDT 2012


> You may want to grab the latest Git version, which has an implementation
> (although it may still not be quite what you want).

It looks good, but is indeed not quite what I want: your code compares
an attribute type in a principal's LDAP entry to a specified attribute
type, whereas I prefer to search for host or principal in a specified
LDAP tree. While easy enough to change, I think I'll give my idea a

> > Am I on the right track or is all of this horribly wrong?
> Oh, that's a neat idea.  Sort of a cool way of faking an arbitrary ACL
> plugin.  Yes, that should work fine.

I was hoping you'd say that :)  I'll post code when ready.


More information about the Kerberos mailing list