LDAP schema questions
Praveen Kumar Sahukar
psahukar at novell.com
Tue Jun 13 14:50:11 EDT 2006
On Tue, 2006-06-13 at 22:13 +1000, Luke Howard wrote:
> >Unless you require that there exist no more than a single principal
> >per user object then you will have to lock and update multiple objects
> >as part of the transaction.
>
> I would recommend that there be 1:1 mapping between a principal entry
> in the directory and a principal in Kerberos.
What about the directory user associated with more than one Kerberos
Realm which results into more than one kerberos identity per directory
user ?
-Praveen
More information about the krbdev
mailing list