An alternative plan for principal mapping
abartlet at samba.org
Thu Aug 3 02:50:01 EDT 2006
On Tue, 2006-08-01 at 10:45 +0530, S Rahul wrote:
> We expect the directory to provide some LDAP extension / control to
> enforce the login policy. In Novell eDirectory, we have two such
> extensions - one to find out whether the user is allowed to login and
> the other to update the directory with the result of the login attempt.
> We expect other directories to use similar extensions / controls for
> enforcing the policies.
Are these 'extensions' the ones Novell asked us to use in Samba: read
the cleartext password, then attempt a bind with it, or has this been
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc. http://redhat.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://mailman.mit.edu/pipermail/krbdev/attachments/20060803/b68cc359/attachment.bin
More information about the krbdev