[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

openldap question and possible feature conflict


Open question to maintainer of openldap2: Are there any long term
plans to upload a debian version of libldap2 with ssl and/or kpasswd

1. I use both myself, although I only have kpasswd for testing...
2. I don't understand why kpasswd support required Kerberos, and can't
use the SASL authentication instead. Perhaps I am missing something.

Reason for asking:

I have got a bug report #95246 requesting Heimdal be compiled against
openldap2. This would enable being able to store the Kerberos database
in the openldap database. All data is stored in LDAP encrypted, so
even if somebody accesses the openldap database, the Kerberos data is
not compromised.

However, if openldap2 supports kpasswd (allows putting a kerberos
realm in place of the password in the LDAP database), then we will have:

Source: heimdal
Build-depends: libldap-dev, ...

Source: openldap2
Build-depends: heimdal-dev, ...

which doesn't look real good.

Also Sam Hartman is going to scream "what about MIT Kerberos?" Sorry,
that doesn't count ;-). (two versions of openldap2? arrgghhh!).
Brian May <bam@debian.org>

Reply to: