Generating krb5.keytab
Oliver Liebel
oliver at itc.li
Thu Jun 19 07:43:11 GMT 2008
Andrew Bartlett schrieb:
> On Thu, 2008-06-19 at 02:11 +0300, Sergey Yanovich wrote:
>
>> Andrew Bartlett wrote:
>>
>>> On Wed, 2008-06-18 at 16:20 +0300, Sergey Yanovich wrote:
>>>
>>>> I got the point about patches. One last question. Any pointers about
>>>> why Windows client cannot be allowed to talk directly to OpenLDAP?
>>>>
>>> See my presentation at SambaXP for some of the things Microsoft did to
>>> LDAP:
>>>
>>> http://www.sambaxp.org/files/SambaXP2008-DATA/03-06-Andrew_Bartlett-LDAP_horrors.odp
>>> http://www.sambaxp.org/files/SambaXP2008-AUDIO/03-06-Bartlett_AD_LDAP.ogg
>>>
>> Thanks for the links. Did I understand correctly, that OpenLDAP backend
>> is important mostly as a replication facility?
>>
>
> Yes. Also very interesting is Fedora DS, which has multi-master
> replication. While I've talked about OpenLDAP, we are not wedded to a
> particular LDAP backend, just any backend that implements what we need.
>
>
>> MySQL has exceptional master-slave replication. I'll focus on MySQL
>> back-end for ldb for now.
>>
the replication should always be handled by the DS itself, not by any
kind of database backend, to avoid
inconsistencies. this (mysql-backend-) discussion leads imo to nothing.
> Then do look at the sqlite3 backend.
>
> Perhaps you could explain again why you need the MySQL backend? I would
> not expect a ldb_mysql to have a useful table layout for anything else
> to read/write...
>
> Andrew Bartlett
>
>
More information about the samba-technical
mailing list