Tim Watts wrote: > http://www.opinsys.fi/en/smbkrb5pwd-password-syncing-for-openldap-mit-kerberos-and-samba > (Line wrap warning) - some nice person has already done the job for MIT > Kerberos :->>> The system described above is a bit fragile. Because if one of the systems fail the password might only be changed in LDAP or Kerberos. > On the face of it - that looks absolutely perfect! Hmm... A better approach is taken in the FreeIPA project: There's a SLAPI plugin for 389 DS which supports MIT Kerberos. A C programmer might be able to adapt this as an OpenLDAP overlay (similar to OpenLDAP's slapo-smbk5pwd). Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature