An alternative plan for principal mapping

Andrew Bartlett abartlet at
Thu Aug 3 02:50:01 EDT 2006

On Tue, 2006-08-01 at 10:45 +0530, S Rahul wrote:
> Hi,
>     We expect the directory to provide some LDAP extension / control to
> enforce the login policy. In Novell eDirectory, we have two such
> extensions - one to find out whether the user is allowed to login and
> the other to update the directory with the result of the login attempt.
> We expect other directories to use similar extensions / controls for
> enforcing the policies.

Are these 'extensions' the ones Novell asked us to use in Samba:  read
the cleartext password, then attempt a bind with it, or has this been

Andrew Bartlett

Andrew Bartlett                      
Authentication Developer, Samba Team 
Samba Developer, Red Hat Inc.        
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :

More information about the krbdev mailing list