On 02/12/2015 03:28 AM, Gergely Czuczy wrote: > A bit off the topic, but please allow me a question here. I've noticed > that addprinc -x dn= only allows a single principal per entry, and -x > linkdn= does not put the krbPrincipalName into the specified entry. With > utilizing the LDAP backend, what would be the way to make use of the > krbPrincipalName's multivalued nature, and have it populated at the ldap > entry's values?
We don't have kadmin support for principal aliases, only LDAP KDB module support. You have to manage the krbPrincipalName and krbCanonicalName attributes directly via LDAP in order to create aliases. ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
