[
https://issues.apache.org/jira/browse/DIRKRB-303?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14591622#comment-14591622
]
Kiran Ayyagari commented on DIRKRB-303:
---------------------------------------
[~kai-zeng] The best option is to stick with the krb5kdc schema provided by
ApacheDS and use it as the default for Kerby, this way
we leave it where it belongs. And other LDAP server users must load this
krb5kdc schema in their server before integrating with Kerby.
We can always provide a copy of this schema in Kerby release, but we just don't
keep a fork of it in Kerby, any updates to this
schema will be checked into the ApacheDS code base that way it gets tested for
free in the LDAP server and one less thing to worry about.
> Discuss and possibly define Ldap schema for Kerby KDC
> -----------------------------------------------------
>
> Key: DIRKRB-303
> URL: https://issues.apache.org/jira/browse/DIRKRB-303
> Project: Directory Kerberos
> Issue Type: New Feature
> Reporter: Xu Yaning
>
> As discussed in DIRKRB-293 with [~akiran] and [~seelmann], it might be good
> to discuss and possibly define an LDAP schema for Kerby KDC based on the one
> present in ApacheDS ({{krb5kdc}}). This particularly works for the long term,
> as for now only a few identity attributes are supported in Kerby, some time
> later we'll need to enhance and support much more ones that's likely not
> existing in the ApacheDS's schema krb5kdc.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
