On Jan 14, 2008 12:06 PM, Volkmar Glauche <[EMAIL PROTECTED]> wrote: > > Sure. But this again means the toil of maintaining two databases: the > > NIS map and the KDC database. > > I think you will need two databases: one for kerberos credentials and > another one for account information. Kerberos does not tell you about a > user's home directory or shell...
You don't need two databases. Both heimdal and MIT current versions allow LDAP as "database" for credentials so you have a single database. I've not used MIT, but I've been using heimdal-ldap for a long time without problems. Maybe you need two interfaces, but just because you cannot set the password using only LDAP tools (unless you know the internals of the way passwords are encoded into the kerberos repository). Javier Palacios ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos