SASL/GSSAPI bind in LDAP plugin?
Sam Hartman
hartmans at MIT.EDU
Thu Feb 23 21:37:50 EST 2006
>>>>> "greg" == greg <greg at enjellic.com> writes:
greg> I find it mystifying that anyone following this thread would conclude
greg> this process is simplifying anything.
greg> Identity (directory) stores and authentication stores are and should
greg> be separate data repositories. Combining the two is a wrong-headed
greg> approach, IMHO.
For most environments I tend to agree with you.
I think that LDAP should be used as an admin protocol but not as a
database storage protocol.
The world, prompted by Microsoft's design choices, seems to disagree.
--Sam
More information about the krbdev
mailing list