directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lecharny <elecha...@gmail.com>
Subject Convo with Adrew Bartlett (Samba 4 guy) about ADS and Kerberos
Date Tue, 25 Oct 2005 16:13:12 GMT
abartlet : what timezone is good to find 'apache directory' developers
in?
ele-office : abartlet : any TZ. 
ele-office : there are people in Korea, in Turkey, Germany, France, and
USA
abartlet : I'm trying to find out a little where this project has come
from, and what it's aims are.  
abartlet : In particular, I come as a Samba4 developer, which has a
rather large play in the directories space
ele-office : look at :
http://directory.apache.org/community/who/akarasulu.html
ele-office : this is where apacheDS is coming from !
abartlet : it seems to be a very, very large scope of work
ele-office : basically, it's a LDAP server
abartlet : that's not the bit that worries me, because I have seen how
that can be done 
abartlet : (Samba4 has it's own ldap server, and it really was not that
bitterly painful to build)
abartlet : but Kerberos, NTP and everything else?
ele-office : these are sub-projects
ele-office : they are built beside ADS
abartlet : other than love of java, any reason for re-impelemting those?
abartlet : I found just the mods I made to Heimdal painful enough,
reimplementing looked like a nightmare...
ele-office : doing it in java seems one of the reason that led to a
reimplementation.
abartlet : anyway, I'm mainly just trying to get good contracts with
various ldap directory implementors, because I expect there to be strong
demand for Samba4 as a frontend to various ldap backends
ele-office : it could be interesting to see how samb4 can use ads as an
ldap backend.
ele-office : and I think it should be really easy.
abartlet : yes and no, Samba4 has some very particular requirements for
it's LDAP backends
ele-office : like ?
abartlet : hosting the AD schema
abartlet : and behaving like AD in general
abartlet : (there are certain operations, such as an add, which are
filled out by a server-side template)
abartlet : and various operational attributes to be generated etc
ele-office : I see.
ele-office : AD use a lot of operationnal attributes
ele-office : Sorry, I don't know enough about Samba to be able to broing
you some lights about the way to use ADS as a ldap backend :(
abartlet : I'm also just trying to find out where this project is at
ele-office : currentlmy, we are trying to deliver the 1.0 version of the
core Ldap Server.
ele-office : DNS and Kerberos sub-projects will be delivered almost at
the same date.
ele-office : their are other sub-projects, too (Penrose, Mitosis, ...)
abartlet : how compliant it the kerberos server?
ele-office : it is supposed to be fully compliant
ele-office : so does Ldap
abartlet : the small amount of stuff I looked at looked like it was
hardcoded for the old des enc types
ele-office : The target is to deliver a server that can pass the
Compliance tests of the OpenGroup
ele-office : http://www.opengroup.org/certification/directory-home.html
ele-office : Kerberos is still a work in progress ;)
ele-office : it's version 0.5.1
abartlet : are the developers on the kitten lists?  
abartlet : (the kerberos working group)
ele-office : I don't know ;) I'm not working on kerberos, and Enrique,
the one who is working on it with Alex
(http://directory.apache.org/community/who/erodriguez.html) is not
currently connected ...

-- Emmanuel


Mime
View raw message