SASL/GSSAPI bind in LDAP plugin?

[Will Fiveash]

On Wed, Feb 15, 2006 at 12:34:40PM -0500, Sam Hartman wrote:
> I think that what you want to do is have at least one KDC on a
> directory server and use SASL external with a unix domain socket.

Yeah, that makes sense and has several advantages (including keeping the
DS's service princ. key only on the DS instead of having to distribute
it to various KDC keytabs).

-- 
Will Fiveash
Sun Microsystems Inc.
Austin, TX, USA (TZ=CST6CDT)