What about making positions as owners? people <-> positions <-> machines. People may have multiple positions/jobs and the job is responsible for the machine.
Jason Jason Edgecombe Solaris & Linux Administrator Mosaic Computing Group, College of Engineering UNC-Charlotte Phone: (704) 687-3514 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Henry B. Hotz Sent: Wednesday, October 25, 2006 12:30 AM To: Nicolas Williams Cc: [EMAIL PROTECTED]; [email protected] Subject: Re: LDAP Schema Design Suggestions? On Oct 24, 2006, at 7:35 PM, Nicolas Williams wrote: > On Tue, Oct 24, 2006 at 06:19:04PM -0700, Henry B. Hotz wrote: >> No, I'm not talking about using LDAP to store the back-end for a KDC. >> >> I'm wondering if there are any thoughts or wisdom related to RFC 2307 >> (or successors) about how to store meta-information about Kerberos >> principals. That RFC defines schema's for "machines" and things with >> IP numbers. I also need to associate an "owner" for non-people >> principals. > > Users don't make good owners. They change job descriptions, go on > extended vactions/sabatticals, leave, die, are laid off, are fired... > > IMO groups make much better owners. > > Nico > -- Yeah, OK. I just don't have an organizationally meaningful alternative available. Other people on the list should take note though. ------------------------------------------------------------------------ ---- The opinions expressed in this message are mine, not those of Caltech, JPL, NASA, or the US Government. [EMAIL PROTECTED], or [EMAIL PROTECTED] ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
