directory-kerby mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Zheng, Kai" <>
Subject FW: Remote mode kadmin interoperable with MIT KDC
Date Mon, 11 Jan 2016 11:19:15 GMT
This explained about the kadmin remote mode support feature. In case this is missed, or misunderstood.


From: Zheng, Kai
Sent: Sunday, January 03, 2016 8:25 PM
Subject: Remote mode kadmin interoperable with MIT KDC

Hi folks,

As we discussed some time ago, we would need to support remote kadmin that's interoperable
with MIT KDC. As part of the upcoming release, I just reviewed and refined kerb-admin module.
As a result of it, I split Kadmin codes into two parts: LocalKadmin(impl) and RemoteKadmin(impl),
similar to the constructs in MIT Kerberos: kadmin local mode and kadmin remote mode. Please
check out the latest commit for it. Doing that way, it prepared the necessary setup for the
support. We'll also need to support XDR encoding/decoding for the required GSS-RPC stub. I
will spend some time in this direction laying on the necessary facilities and would welcome
any contribution to the feature functionalities. Note the major work for the client side is
all about communication (collecting operation parameters, encoding in XDR packet, and sending
via GSS protected layer); the real work in KadminServer side is trivial because we can just
reuse and delegate the call to LocalKadmin. Hope it can be done after RC2 before 1.0.0 formal

Wish we can move even faster in the new year!


  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message