new error message/return code for kdb5_util unsupported commands greg at
Fri May 26 10:24:58 EDT 2006

On May 24,  8:39pm, Will Fiveash wrote:
} Subject: new error message/return code for kdb5_util unsupported commands

Good morning, hope everyone's day is starting well.

> On Wed, May 24, 2006 at 08:12:52PM -0500, Will Fiveash wrote:
> > 
> > - Regardless of the above kdb5_util should not core dump regardless of
> >   the backend being used.  There needs to be better NULL function
> >   pointer checking in the kdb code.

> Can we get a new error message here to indicate an operation is not
> supported by the current database type?  It would be nice to have a
> meaningful error message here since the kdb5_util commands are not
> orthogonal in relation to the DB backend.

I usually hate to crash head long into group think but its Friday
going into a long weekend......

I understand the motivations in sacrificing 15+ years of well
documented security practices at the altar of manageability.  I don't
agree with them but do understand them.  Watching 4 months of dialogue
on this issue causes me to believe the horse is being approached from
the wrong end, which tends to result in getting kicked in the

LDAP is a protocol not a database.  Has anyone considered bolting an
LDAP interface onto the KDC?

OpenLDAP already has a collection of back-ends.  I've considered
engineering an MIT/KDC implementation to add to the list.  If someone
can explain why this is wrong-headed I won't add it to my personal
amusement list for the summer.

> Will Fiveash

Best wishes for a pleasant weekend to everyone.


}-- End of excerpt from Will Fiveash

As always,
Dr. G.W. Wettstein, Ph.D.   Enjellic Systems Development, LLC.
4206 N. 19th Ave.           Specializing in information infra-structure
Fargo, ND  58102            development.
PH: 701-281-1686
FAX: 701-281-3949           EMAIL: greg at
"Nullum magnum ingenium sine mixtura dementiae fuit."
        (There is no great genius without some touch of madness.)
                                -- Seneca

More information about the krbdev mailing list