principal aliases?
Chris Hecker
checker at d6.com
Tue Nov 21 19:43:58 EST 2017
Oh, really? That's cool, I couldn't find krbPrincipalAliases (case
insensitive) in the entire 1.15.2 source code except for the schema and
ldif files...how does that work? I don't mind creating them myself, no
problem.
Chris
On Tue, Nov 21, 2017 at 4:40 PM, Benjamin Kaduk <kaduk at mit.edu> wrote:
> On Tue, Nov 21, 2017 at 04:17:23PM -0800, Chris Hecker wrote:
> > Are these supported? There's a krbPrincipalAliases in the krb5 ldap
> schema,
> > but I can't find any mention of them in the code, and online docs are
> > spotty. I was hoping to use them but it doesn't seem like they do
> anything
> > or are ever queried in the ldap kdb backend?
> >
> > Oh, hmm, looks like this is a Heimdal thing, bummer.
> >
> > https://www.openldap.org/lists/openldap-technical/201502/msg00053.html
> >
> > Any plans for supporting this in MIT?
>
> They are only supported in the ldap backend, and you have to create
> them out of band with an ldap editor. But once they are in ldap,
> the KDC will use them.
>
> -Ben
>
More information about the krbdev
mailing list