Most importently, applications cannot use the same identity name for both authentication and querying LDAP, since using LDAP for authentication is against the spirit of Kerberos.
Marius,
--Quanah
-- Quanah Gibson-Mount Principal Software Developer ITSS/TSS/Computing Systems ITSS/TSS/Infrastructure Operations Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html