[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Fwd: Protocols of heimdal servers

To: Jose Gonzalez Gomez <jgonzalez.openinput@gmail.com>
Subject: Re: Fwd: Protocols of heimdal servers
From: Howard Chu <hyc@highlandsun.com>
Date: Tue, 25 Jan 2005 01:11:47 -0800
Cc: heimdal-discuss@sics.se
In-Reply-To: <306bf0105012500302e827417@mail.gmail.com>
References: <306bf01050124081579bc3b6f@mail.gmail.com> <41F58CD5.7020208@thewybles.com> <200501250055.j0P0tep9048194@au.padl.com> <41F5B083.3070004@thewybles.com> <200501250242.j0P2g8Pc055622@au.padl.com> <41F5D9EF.9040402@highlandsun.com> <306bf01050125002514f02414@mail.gmail.com> <306bf0105012500302e827417@mail.gmail.com>
Sender: owner-heimdal-discuss@sics.se
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8a5) Gecko/20041101

Jose Gonzalez Gomez wrote:
> ---------- Forwarded message ----------
> From: Jose Gonzalez Gomez <jgonzalez.openinput@gmail.com>
> Date: Tue, 25 Jan 2005 09:25:16 +0100
> Subject: Re: Protocols of heimdal servers
> To: Howard Chu <hyc@highlandsun.com>
> 
> 
> On Mon, 24 Jan 2005 21:32:31 -0800, Howard Chu <hyc@highlandsun.com> wrote:
> 
>>Luke Howard wrote:
>>
>>>>Any pointers or ideas Luke? I know your pretty sharp with ldap/kerberos
>>>>and all those other goodies! What do you think of my suggesstion to
>>>>write a java wrapper around the various C based components? I admit I am
>>>>way out of my league here but just trying to spark some good lively
>>>>discussion.
>>
>>>I think the best (and only) way is to read the code in lib/kadm5.
>>
>>My approach here is to use the Heimdal KDC backed by LDAP and do all
>>administration through LDAP. Much less ambiguity this way.

> In fact I have my database stored in LDAP, and I planned to do all the
> administration this way using Java/JNDI, but I don't have any clue
> about how to modify the krb5Key attribute, where I guess the password
> is stored, am I right? How can I update it? I guess I must also update
> the krb5KDCFlags... is there any documentation about this? Or should I
> read the code as Luke sugested?

Yes.

You can also have a look at OpenLDAP cvs contrib/slapd-modules/smbk5pwd 
for starters. Of course the code I wrote there is all derived from 
reading the source to lib/kadm5 and lib/hdb.

-- 
   -- Howard Chu
   Chief Architect, Symas Corp.       Director, Highland Sun
   http://www.symas.com               http://highlandsun.com/hyc
   Symas: Premier OpenSource Development and Support

References:
- Protocols of heimdal servers
  - From: Jose Gonzalez Gomez <jgonzalez.openinput@gmail.com>
- Re: Protocols of heimdal servers
  - From: Charles N Wyble <charles@thewybles.com>
- Re: Protocols of heimdal servers
  - From: Luke Howard <lukeh@PADL.COM>
- Re: Protocols of heimdal servers
  - From: Charles N Wyble <charles@thewybles.com>
- Re: Protocols of heimdal servers
  - From: Luke Howard <lukeh@PADL.COM>
- Re: Protocols of heimdal servers
  - From: Howard Chu <hyc@highlandsun.com>
- Fwd: Protocols of heimdal servers
  - From: Jose Gonzalez Gomez <jgonzalez.openinput@gmail.com>

Prev by Date: afslog and PT id
Next by Date: where are the archieves?
Prev by thread: Fwd: Protocols of heimdal servers
Next by thread: Re: Fwd: Protocols of heimdal servers
Index(es):
- Date
- Thread