We have a single KDC, and it is MIT K5. Using the Heimdal libraries for the OpenLDAP server really has no relation to the KDC used.
Pardon my ignorance, but... does that mean that the machines hosting the OpenLDAP servers simply have dynamic libraries from Heimdal rather than MIT Kerberos?
Yes.
Or that the OpenLDAP server programs were statically linked against libraries from Heimdal rather than MIT?
I suppose you could do it that way too. I prefer dynamic linking.
--Quanah
-- Quanah Gibson-Mount Principal Software Developer ITSS/TSS/Computing Systems ITSS/TSS/Infrastructure Operations Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html