concerns with ldap plugin and 1.5

[Luke Howard]

>It's really not clear that a new command was needed.
>
>I see this as evidence that the new SPI is not sufficiently generic.

I haven't looked at the SPI so I should probably reserve judgement,
but I agree that genericity is a useful thing.

The Heimdal SPI allowed a backend to attach arbitrary extensions to
a principal (each extension could be marked mandatory, if the KDC
did not understand a mandatory extension it would reject the entire
entry).

Also a generic "invoke this operation identified by OID with an
opaque parameter" (or buffer) might also be useful too for things
like backend-specific provisioning tools.

-- Luke

--