[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: LDAP layouts for Heimdal

To: heimdal-discuss@sics.se
Subject: Re: LDAP layouts for Heimdal
From: Aredridel <aredridel@nbtsc.org>
Date: Thu, 13 Nov 2003 07:20:18 -0700
In-Reply-To: <1068714962.3v210gxvg0xs@www.ambigc.com>
References: <3FA8EA94.4060300@ambigc.com> <3FAD4C86.3090702@gmx.net> <1068326469.5k1vtc05tq4g@www.ambigc.com> <704291607.1068676777@[10.10.9.3]> <1068714962.3v210gxvg0xs@www.ambigc.com>
Sender: owner-heimdal-discuss@sics.se

> > Are you trying to add inetOrgPerson to the objectClass attribute of an
> > existing entry? This is not allowed in LDAP at it would change the
> > structural objectclass of the entry. You can add krb5KDCEntry and
> > krb5Principal because they are AUXILIARY object classes. However,
> > inetOrgPerson ist STRUCTURAL.

I've a similar question:

My ldap tree is laid out with three roots, and probably more will come:

dc=nbtsc,dc=org
dc=theinternetco,dc=net
dc=independence,dc=net

Each has a corresponding realm:

NBTSC.ORG
THEINTERNETCO.NET
INDEPENDENCE.NET

my users are in an ou=Users subtree, and their uids are just the short
version: uid=test,ou=Users,dc=nbtsc,dc=org

Is there any way to make heimdal store the kerberos properties in the
correct bases, based on realm?

Aredridel

This is a digitally signed message part

References:
- LDAP layouts for Heimdal
  - From: Chris Hamilton <chris@ambigc.com>
- Re: LDAP layouts for Heimdal
  - From: Chris Hamilton <chris@ambigc.com>
- Re: LDAP layouts for Heimdal
  - From: Norbert Klasen <norbert+lists.heimdal-discuss@burgundy.dyndns.org>
- Re: LDAP layouts for Heimdal
  - From: Chris Hamilton <chris@ambigc.com>

Prev by Date: Problems finding KDC (was: KDC not found even after connection wasmade)
Next by Date: Re: Problems finding KDC
Prev by thread: Re: LDAP layouts for Heimdal
Next by thread: KRB5KRB_ERR_RESPONSE_TOO_BIG
Index(es):
- Date
- Thread