[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Storing entries in several levels




    Isn't this provided by the krb5PrincipalName attribute?

Gémes Géza wrote:

> Hi there,
>
>>>    I'm testing heimdal for use in an authentication server, and I
>>>have integrated it with OpenLDAP. I would like to have the possibility
>>>of storing kerberos principals in several levels of the directory, not
>>>just one plain level containing all the principals. Heimdal right now
>>>(at least the version tested, 0.6.2) doesn't support this, so I
>>>modified the sources to have this functionality. Here is the patch:
>>>    
>>>
>>
>>Next major version of heimdal already does this.
>>
>>Love
>>
>>  
>>
> Are there any plans to implement some kind of mapping between 
> principals instances and ldap entries, like the following:
> uid=adam,ou=Accounting,dc=example,dc=com ----> adam@EXAMPLE.COM
> and
> uid=eva,ou=Sales,dc=example,dc=com ----> adam@EXAMPLE.COM
> while
> uid=testsys,ou=Hosts,dc=example,dc=com ----> testsys/host@EXAMPLE.COM
> and
> uid=testcomp$,ou=Computers,dc=example,dc=com ----> 
> testcomp/host@EXAMPLE.COM
> In other words a configurable way to map entries in different subtrees 
> to different instances.
>
> Thanks,
>
> Geza