[OpenAFS] Re: afs pts schema?
Douglas E. Engert
deengert@anl.gov
Wed, 14 Mar 2001 07:59:16 -0600
IBM is proposing something similiar for Kerberos 5:
Kerberos KDC LDAP Schema
draft-skibbie-krb-kdc-ldap-schema-01.txt
"Donna Skibbie" <donnas@us.ibm.com>
This missed the cutoff for IETF draft submisions, but Dona Skibbie will
be talking for 10 minutes at the krb-wg next week.
Leif Johansson wrote:
>
> Warning. This mail contains material that may be inappropriate for =
>
> orthodox AFS users :-)
>
> Has anyone thought to drop pts into ldap? The semantics of pts groups =
>
> should not be that different from groupOfUniqueNames so the schema =
>
> additions should be relatively minor(?) One implementation scenario is to=
> =
>
> drop the pts client altoghether and just keep the pts server as a =
>
> protocol translator into ldap (authenticating to the directory server =
>
> as afs@REALM over GSSAPI perhaps) and do all user and group admin in =
>
> the directory server. I guess DCE must have a schema that kinda does
> this but that may not be appropriate for afs.... Comments?
>
> Cheers Leif
>
> -----------------------------------------------------------------
> Leif Johansson Phone: +46 8 164541 =
>
> IT- and media services
> Stockholm University email: leifj@it.su.se =
>
> <This space is left blank for quotational and disclamatory purposes.>
--
Douglas E. Engert <DEEngert@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444