[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Fwd: Protocols of heimdal servers
Jose Gonzalez Gomez wrote:
> ---------- Forwarded message ----------
> From: Jose Gonzalez Gomez <firstname.lastname@example.org>
> Date: Tue, 25 Jan 2005 09:25:16 +0100
> Subject: Re: Protocols of heimdal servers
> To: Howard Chu <email@example.com>
> On Mon, 24 Jan 2005 21:32:31 -0800, Howard Chu <firstname.lastname@example.org> wrote:
>>Luke Howard wrote:
>>>>Any pointers or ideas Luke? I know your pretty sharp with ldap/kerberos
>>>>and all those other goodies! What do you think of my suggesstion to
>>>>write a java wrapper around the various C based components? I admit I am
>>>>way out of my league here but just trying to spark some good lively
>>>I think the best (and only) way is to read the code in lib/kadm5.
>>My approach here is to use the Heimdal KDC backed by LDAP and do all
>>administration through LDAP. Much less ambiguity this way.
> In fact I have my database stored in LDAP, and I planned to do all the
> administration this way using Java/JNDI, but I don't have any clue
> about how to modify the krb5Key attribute, where I guess the password
> is stored, am I right? How can I update it? I guess I must also update
> the krb5KDCFlags... is there any documentation about this? Or should I
> read the code as Luke sugested?
You can also have a look at OpenLDAP cvs contrib/slapd-modules/smbk5pwd
for starters. Of course the code I wrote there is all derived from
reading the source to lib/kadm5 and lib/hdb.
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
Symas: Premier OpenSource Development and Support