more KDB-LDAP stuff

Praveenkumar Sahukar psahukar at novell.com
Mon Mar 27 08:03:35 EST 2006 

 Hi,

My comments start with "> ".

1) Can the eDirectory support be made into a run- time test rather  
than a compile- time test?  (Preferably automatically detected rather 

than specified by command- line.)  It would be unfortunate if binary  
packages could either support eDirectory realms or support non-  
eDirectory realms, but not both.  (I don't think this is urgent.)

> I guess you are talking about the build setup, detecting whether
eDirectory is 
> installed on the system and if yes then build the eDirectory
back-end. 
> Shouldn't this apply to OpenLDAP too ? So if OpenLDAP libraries are
available
> then the OpenLDAP based back-end should be built. We will have to
handle the case
> where both the libraries (eDirectory and OpenLDAP) are available may
be 
> through command line. 

2) The kdb- ldap code defines a bunch of symbols krb5_dbe_ 
{lookup,update}_{last_pwd_change,mod_princ_data,tl_data} which are  
also defined in and exported from the kdb5 library.  Should the kdb-  
ldap code have its own implementation of the same functionality?  If  
so, they should be renamed.

> The functions are defined in the DAL and not in DAL-LDAP. 
> At the first look I think these functions can be re-used from kdb5
library.
> I will try to remove these functions or rename the same if they can't
be removed. 

Regards,
Praveen Kumar

 
>>> Ken Raeburn <raeburn at MIT.EDU> 03/22/06 10:15 pm >>> 
Still working on the code... some random issues:

1) Can the eDirectory support be made into a run- time test rather  
than a compile- time test?  (Preferably automatically detected rather 

than specified by command- line.)  It would be unfortunate if binary  
packages could either support eDirectory realms or support non-  
eDirectory realms, but not both.  (I don't think this is urgent.)

2) The kdb- ldap code defines a bunch of symbols krb5_dbe_ 
{lookup,update}_{last_pwd_change,mod_princ_data,tl_data} which are  
also defined in and exported from the kdb5 library.  Should the kdb-  
ldap code have its own implementation of the same functionality?  If  
so, they should be renamed.

I'm about to start working on the error info handling proposal I put  
forth on the list recently.  I'm still reviewing the LDAP submission  
changes, and there are still several problems that'll need to be  
fixed before it can be merged.

_______________________________________________
krbdev mailing list             krbdev at mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev

More information about the krbdev mailing list