> Thank you for the link, however LDAP seems superfluous for my purpose. > The goal was to maintain the user database in just one place, and > Kerberos + LDAP mean two places.
If you choose ldap backed for heimdal-kdc (>=0.7.2) it becomes a single place. And it is extremely easy to tweak the scap code to just create the user account instead of looking up LDAP to check that user actually exists. Javier Palacios ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
