need help with LDAP plug-in code and liblber dependency

Praveenkumar Sahukar psahukar at
Mon May 29 07:20:44 EDT 2006


>>> On Fri, May 26, 2006 at  6:55 AM, in message
<tsld5e1h90o.fsf at>, Sam
Hartman <hartmans at MIT.EDU> wrote: 
> Wait, why does the ldap command need to bind using a different
> identity than the kdc will use?

The KDC and the ADMIN services have READ only rights on the Realm
Attributes. However,
to manage the Realm, WRITE rights are needed and hence the ldap command
uses an identity different from the KDC and the ADMIN identities. 

Thanks and Regards,
Praveen Kumar

More information about the krbdev mailing list