Timothy Pearson f5f76ee72c Add ability to store extended principal attributes in LDAP ...

A careful code review was undertaken, and it was determined
that the best way to store the extended attributes was in a
native ASN1 encoded field.  LDAP does not understand the
SEQUENCE of SEQUENCE structures used extensively throughout
the extended attributes structure, and there was already a
precedent set for storing the krb5Key data in a native ASN1
encoded field.

2015-09-27 16:36:24 -05:00

50 KiB

Raw Blame History

View Raw