Hi folks, As we discussed some time ago, we would need to support remote kadmin that's interoperable with MIT KDC. As part of the upcoming release, I just reviewed and refined kerb-admin module. As a result of it, I split Kadmin codes into two parts: LocalKadmin(impl) and RemoteKadmin(impl), similar to the constructs in MIT Kerberos: kadmin local mode and kadmin remote mode. Please check out the latest commit for it. Doing that way, it prepared the necessary setup for the support. We'll also need to support XDR encoding/decoding for the required GSS-RPC stub. I will spend some time in this direction laying on the necessary facilities and would welcome any contribution to the feature functionalities. Note the major work for the client side is all about communication (collecting operation parameters, encoding in XDR packet, and sending via GSS protected layer); the real work in KadminServer side is trivial because we can just reuse and delegate the call to LocalKadmin. Hope it can be done after RC2 before 1.0.0 formal release.
Wish we can move even faster in the new year! Regards, Kai
