Preliminary discussion: DB alias entries
lukeh at padl.com
Mon Mar 9 17:29:12 EDT 2009
On 10/03/2009, at 5:29 AM, Greg Hudson wrote:
> On Thu, 2009-03-05 at 13:56 -0500, Zhanna Tsitkova wrote:
>> How about adding a new auxulary attr to the entries
> What do you mean by "auxiliary attribute" here? My understanding is
> that object classes can be auxiliary, but not attributes.
> (Sorry; I'm new to LDAP so I need people to speak precisely or I can't
You are correct.
>> - for example
>> 22.214.171.124.2.4.1154 NAME ( 'krbHintAliases' ) or just krbAliases as
>> defined in
> What is that page exactly? Is it appropriate to pull attribute and
> object class definitions from a completely different schema from the
> Novell one we have?
Correct, this is a bad idea.
>> In fact , on KDC startup these aliases could be stored in memory.
>> Then, when the request comes in, the normalized string would be
>> searched in the mem cache and then decided if the further processing
>> is needed.
> Wouldn't that introduce consistency issues if the LDAP data is
> outside of the KDC?
Yes, this is a really bad idea.
More information about the krbdev