--On Wednesday, November 08, 2006 11:51 PM -0500 Maxwell Bottiger sleepylight@jive-turkey.net wrote:
On Wed, 2006-11-08 at 18:28 -0800, Howard Chu wrote:
snip
MIT Kerberos is known to work very poorly with OpenLDAP slapd. Heimdal is known to work well. On the client side, either one will work, but generally I would recommend using Heimdal.
I have heard that through other sources as well. I'm really just using MIT kerberos because it shipped with my distro. Can I move the kerberos database directly to Hemidal in the future?
It doesn't matter what kerberos database you use. For example, Stanford uses an MIT KDC. But we use the Heimdal kerberos *libraries* to link slapd against. It is the libraries we are talking about right now. Of course, Heimdal also has the capability of using LDAP as its KDC store. MIT will have that functionality sometime in the near future.
--Quanah
-- Quanah Gibson-Mount Principal Software Developer ITS/Shared Application Services Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html