need help with LDAP plug-in code and liblber dependency

Ken Raeburn raeburn at MIT.EDU
Thu May 25 21:47:18 EDT 2006

On May 25, 2006, at 21:25, Sam Hartman wrote:
> Wait, why does the ldap command need to bind using a different
> identity than the kdc will use?

I would expect in some configurations the KDC would have read-only  
access, the kadmind, if you run one, would have write access in  
places but would not be permitted to create or modify a realm  
container, etc.  So the administrator setting up the realm may need  
privileges that none of the server programs have.


More information about the krbdev mailing list