> > I haven't studied it all that extensively, > > so correct me if I am wrong, but with the > > new "DAL" stuff there is now an opportunity > > to do a 'proper' job of multi-master KDCs > > (dare I say it) in a "ubik-like" or "AD-like" > > manner.
> There are plenty of LDAP servers suitable for backending the KDC that > support incremental and/or multi-master replication. That, I suppose, depends on your definition of "suitable". It certainly isn't suitable to me. The size of the KDC codebase is big enough to worry about, throwing something like an entire LDAP server into the mix is a whole 'nother kettle of fish. John ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
