How to extend kadmin
Nicolas.Williams at sun.com
Mon Oct 26 17:30:00 EDT 2009
On Mon, Oct 26, 2009 at 05:27:46PM -0400, Jeffrey Hutzelman wrote:
> --On Monday, October 26, 2009 03:51:13 PM -0500 Nicolas Williams
> <Nicolas.Williams at sun.com> wrote:
> >4. Bump the RPC program version number (and start fresh).
> Fine, but why do you then go on and spend four paragraphs extolling the
> virtues of ONC RPC in general and XDR in particular over ASN.1, when no one
> has proposed doing anything involving the latter?
I was responding to "I have never been a fan of the RPC model of network
> OTOH, I suppose someone should ask the question... Do we believe that we
> will eventually end up with a schema for an LDAP-based admin protocol, and
> if so, will it end up replacing the current kadmin protocol?
> If so, anything we do now is a stopgap.
> If not, we should be thinking about the long term.
Darn, I forgot about this. I mostly agree, I'd rather see us move
wholesale to LDAP. I happen to greatly dislike the LDAP schema that we
all inheritted from Novell though. And also, for some things we
absolutely need a protocol (think change/set password protocols), though
it could always run as an LDAP extended operation.
More information about the krbdev