Changing the KDC search base dynamically
Simo Sorce
simo at redhat.com
Wed Dec 4 16:53:05 EST 2013
On Thu, 2013-12-05 at 03:08 +0530, Shani Ranasinghe wrote:
> Hi,
> Thank you Greg and Simo.
> Please find my comments in-line.
> Regards,
> Shani Ranasinghe.
>
> @Simo, This is what I have done at the moment. When the user logs into the
> system, I will know if that user is a tenant or not by the username
> provided. Based on that I will know where to search for in the tree. In my
> application, I need to get a TGT everytime the user logs into the system.
> The problem with having the search the whole tree is that, this will be a
> performance hit in the long run. This is the main reason I was looking for
> an alternative way rather than restarting the server, and searching the
> whole tree.
Premature optimization, just use proper indexes for your query.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the krbdev
mailing list