[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Patch to prevent krb5Key attrs in Samba LDAP entries

To: "James F. Hranicky" <jfh@cise.ufl.edu>
Subject: Re: Patch to prevent krb5Key attrs in Samba LDAP entries
From: Love Hörnquist Åstrand <lha@kth.se>
Date: Thu, 19 May 2005 13:03:06 +0200
Cc: heimdal-discuss@sics.se
In-Reply-To: <20050518164651.7b5cea0f.jfh@cise.ufl.edu> (James F. Hranicky'smessage of "Wed, 18 May 2005 16:46:51 -0400")
References: <20050518164651.7b5cea0f.jfh@cise.ufl.edu>
Sender: owner-heimdal-discuss@sics.se
User-Agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/21.3 (berkeley-unix)


"James F. Hranicky" <jfh@cise.ufl.edu> writes:

> The following patch keeps Samba LDAP entries from being populated with
> krb5Key LDAP attributes even if other Kerberos attributes are available.
>
> This accomplishes the following:
>
> 	- ensures Heimdal and Samba share only 1 key
> 	- removes the need for the smbk5pwd overlay for Heimdal/Samba
> 	  syncing
> 	- prevents the unnecessary addition of the krb5EncryptionType
> 	  attribute
>
> This probably isn't the best way to handle this as there's no configuration
> option, so I'd appreciate any comments on this issue.

Wont using

[kadmin]
        default_keys = arcfour-hmac-md5:pw-salt

give you the behavior of the first delta ?

The krb5EncryptionType part of the entry could go way, I know of no real
usage for it.

Love

PGP signature

Follow-Ups:
- Re: Patch to prevent krb5Key attrs in Samba LDAP entries
  - From: "James F. Hranicky" <jfh@cise.ufl.edu>

References:
- Patch to prevent krb5Key attrs in Samba LDAP entries
  - From: "James F. Hranicky" <jfh@cise.ufl.edu>

Prev by Date: Re: Strange kadmin error
Next by Date: Re: heimdal 0.6.4 ftpd crash
Prev by thread: Re: Patch to prevent krb5Key attrs in Samba LDAP entries
Next by thread: Re: Patch to prevent krb5Key attrs in Samba LDAP entries
Index(es):
- Date
- Thread