DAL API to read Realm Information

Jeffrey Altman jaltman at MIT.EDU
Fri Mar 10 10:43:15 EST 2006


I would expect that if the principal information is being stored
in the KDB and the KDB backend is LDAP that there must be a method
for all of the data required by the KDC to be obtained via the DAL.

In your design please try to consider extensibility issues.  How will
we add new fields to the KDC request and how will the DAL respond if
those fields are not supported by the back end.


Jeffrey Altman

P Santoshkumar wrote:
> Hello Jeffrey,
> The information that we are looking to obtain are the ticket
> information (for eg. maxtktlife, maxrenewablelife, etc), the encryption
> types and the ticket flags. The structures that will get populated are
> kdc_realm_t and kadm5_config_params. 
> Thanks and Regards,
> Santosh. 
>>>> Jeffrey Altman <jaltman at mit.edu> 03/07/06 8:40 pm >>> 
> Santosh:
> Could you be more specific about what kind of information you are
> looking to obtain?   In particular, which existing or new data
> structures are you looking to populate?
> Jeffrey Altman
> P Santoshkumar wrote:
>> Hello,
>> Currently we are directly reading realm information from LDAP
> datatore.
>> We need to expose this to KDC, so we wish to add a DAL, DAL- LDAP API
> for
>> doing this. Are there any concerns regarding this?
>> Thanks and Regards,
>> Santosh.
>> _______________________________________________
>> krbdev mailing list             krbdev at mit.edu
>> https://mailman.mit.edu/mailman/listinfo/krbdev

More information about the krbdev mailing list