DAL API to read Realm Information
Will Fiveash
William.Fiveash at sun.com
Mon Mar 13 19:29:35 EST 2006
On Mon, Mar 13, 2006 at 05:58:19AM -0500, P Santoshkumar wrote:
> Hello Jeffrey,
>
> We intend to have a DAL API to read the params from the database that
> will do the following:-
>
> * If the backend database is db2 then the API will be NULL and the
> structures outside DAL(kdc_realm_t and kadm5_config_params) will consist
> of the values read from the configuration file.
> * If the backend database is an LDAP store then the API will read the
> values from the database. It will copy only those values into the
> structures outside DAL(kdc_realm_t and kadm5_config_params) that are not
> available or that are not read from the configuration file. In this way
> even if extra fields are added to the structures then the DAL will take
> only those that are available to the LDAP database and the others will
> be read from the configuration file.
The Novell schema defines a krbRealmContainer object class defined as:
##### The krbRealmContainer is created per realm and holds realm specific data.
dn: cn=schema
changetype: modify
add: objectclasses
objectClasses: ( 2.16.840.1.113719.1.301.6.2
NAME 'krbRealmContainer'
SUP top
MUST ( cn )
MAY ( krbMasterKey $ krbUPEnabled $ krbSubTree $ krbSearchScope $ krbLdapSer
vers $ krbSupportedEncTypes $ krbSupportedSaltTypes $ krbDefaultEncType $ krbDefaultSaltType
$ krbPolicyReference $ krbKdcServers $ krbPwdServers $ krbAdmServers $ krbPrincNamingAttr )
X-NDS_NAMING ( 'cn' )
X-NDS_CONTAINMENT ( 'krbContainer' ))
These are the parameters that Santosh is refering to.
--
Will Fiveash
Sun Microsystems Inc.
Austin, TX, USA (TZ=CST6CDT)
More information about the krbdev
mailing list