No we really have not but its not so hard to do I think. We just need to add the A2D2 attribute to the schema and enable some authorization checks in the KDC to make sure it constrains the service tickets the KDC grants to service accounts based on the contents of this attribute. Not hard hat all to do I think.
Alex On Wed, Sep 23, 2009 at 1:30 AM, Marc Boorshtein <[email protected]>wrote: > Was curious if anyone has looked at constrained delegation support? I know > its an MS extension and the only APIs that it works with are commercial > libraries so I was curious if anyone had looked at it. > > Thanks > Marc > -- Alex Karasulu My Blog :: http://www.jroller.com/akarasulu/ Apache Directory Server :: http://directory.apache.org Apache MINA :: http://mina.apache.org
