kdb5_ldap_util, ticket policy object and kadmin

[Will Fiveash]

It appears that with the LDAP KDB plugin and the kdb5_ldap_util there is
support for a Ticket Policy Object which contains the attributes:

krbmaxticketlife, krbmaxrenewableage, krbticketflags

There does not appear to be a way to create/modify this object with
kadmin, only with kdb5_ldap_util.  Am I correct?  If so, this strikes me
as inconsistent with the current kadmin interface that allows management
of passwd policy.

-- 
Will Fiveash
Sun Microsystems Inc.
Austin, TX, USA (TZ=CST6CDT)