[Date Prev][Date Next] [Chronological] [Thread] [Top]

How are Kerberos realms usually related to LDAP DCs?

To: openldap <openldap-software@OpenLDAP.org>
Subject: How are Kerberos realms usually related to LDAP DCs?
From: Dave Snoopy <kingsnoopy7@yahoo.com>
Date: Thu, 29 May 2003 15:56:46 -0700 (PDT)

Hey All,

I've noticed that in Windows, where the KDC and the
LDAP server are on the same machine, the base tree
structure of the LDAP server and the Kerberos realm
correspond to each other. For example, if the realm is
"HQ.COMPANY.COM", then the tree's Base DN is
"DC=HQ,DC=COMPANY,DC=COM". Both are based off of the
Windows domain name.

But is this typical, particularly when the KDC and the
LDAP server are different machines? If an LDAP server
is Kerberized, how is its base tree structure (i.e. as
seen in the Base DN) related to the Kerberos realm? Is
there some kind of standard correlation? Or are these
usually totally independent of each other? I would
think the latter.

Thanks,
Dave

__________________________________
Do you Yahoo!?
Yahoo! Calendar - Free online calendar with sync to Outlook(TM).
http://calendar.yahoo.com

Prev by Date: Active Directory to OpenLDAP
Next by Date: Re: Active Directory to OpenLDAP
Index(es):
- Chronological
- Thread