directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kai Zheng (JIRA)" <>
Subject [jira] [Commented] (DIRKRB-303) Discuss and possibly define Ldap schema for Kerby KDC
Date Fri, 19 Jun 2015 02:49:00 GMT


Kai Zheng commented on DIRKRB-303:

Thanks [~elecharny] for the thoughts. 

I thought LdapNetworkConnection is good to support any standalone LDAP server via network
connection and only client LDAP API will be required; LdapCoreSessionConnection is good to
support ApacheDS server as it requires no network round trip, but not appropriate for other
LDAP servers because it uses Directory server side APIs. Therefore it would be still good
to have two modules for the two cases, though codes for them are much the same for now.

For the schema, as current schema is already good enough so we'll use it for now. Will leave
this issue for the long term consideration. When have time I would investigate and come up
a draft version based on existing schema for further discussion.

> Discuss and possibly define Ldap schema for Kerby KDC
> -----------------------------------------------------
>                 Key: DIRKRB-303
>                 URL:
>             Project: Directory Kerberos
>          Issue Type: New Feature
>            Reporter: Xu Yaning
> As discussed in DIRKRB-293 with [~akiran] and [~seelmann], it might be good to discuss
and possibly define an LDAP schema for Kerby KDC based on the one present in ApacheDS ({{krb5kdc}}).
This particularly works for the long term, as for now only a few identity attributes are supported
in Kerby, some time later we'll need to enhance and support much more ones that's likely not
existing in the ApacheDS's schema krb5kdc.

This message was sent by Atlassian JIRA

View raw message