Mike MacCana wrote: > On Tue, 2005-06-21 at 10:11 -0500, Jason L Tibbitts III wrote: > >>A single replication infrastructure. I use the MIT KDC because it's >>what Red Hat happens to ship, but I'd much rather have everything in >>LDAP instead of having two separate systems to configure and maintain. > > So Heimdal can use an LDAP data store? Sweet. Thanks so much for your > post. Works fine here, except Heimdal keeps creating its krb5Principal under the root node instead of folding them into ou=KerberosPrincipals as I told in the config file. > I've wanted MIT krb5 to do this (in a non hacky way) for ages. Novell says they've contributed this to MIT, but I can't see it in their CVS repository yet. > Can Heimdal do Kerberos over TCP, and does it support MS specific > encryption types, like MIT Kerberos does? A quick check with netstat appears to confirm it also listens to TCP ports. MS encryptation support is the main reason I switched to Heimdal. I thought MIT still refused to add Microsoft's "extensions" for ethical reasons... I'm surprised to hear they're now implemented. But what I like the most about Heimdal is that kadmin uses readline for proper history and line editing support. and also uses nicer names for commands :-) -- // Bernardo Innocenti - Develer S.r.l., R&D dept. \X/ http://www.develer.com/ -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-devel-list
