more KDB-LDAP stuff
Ken Raeburn
raeburn at MIT.EDU
Wed Mar 22 11:45:54 EST 2006
Still working on the code... some random issues:
1) Can the eDirectory support be made into a run-time test rather
than a compile-time test? (Preferably automatically detected rather
than specified by command-line.) It would be unfortunate if binary
packages could either support eDirectory realms or support non-
eDirectory realms, but not both. (I don't think this is urgent.)
2) The kdb-ldap code defines a bunch of symbols krb5_dbe_
{lookup,update}_{last_pwd_change,mod_princ_data,tl_data} which are
also defined in and exported from the kdb5 library. Should the kdb-
ldap code have its own implementation of the same functionality? If
so, they should be renamed.
I'm about to start working on the error info handling proposal I put
forth on the list recently. I'm still reviewing the LDAP submission
changes, and there are still several problems that'll need to be
fixed before it can be merged.
More information about the krbdev
mailing list