From 0eb853eb2ef7e7063c0219ce2cbd1e239d5579b7 Mon Sep 17 00:00:00 2001
From: Bill MacAllister <whm@dropbox.com>
Date: Thu, 3 Dec 2015 00:27:33 +0000
Subject: Implement support for managed Active Directory keytabs

This version implements Active Directory as the store for keytabs.
The interface to Active Directory uses a combination of direct LDAP
queries and the msktutil utility.  This version does not support the
wallet unchanging flag.  Unchanging requires that a keytab be
retrieved without changing the password/kvno which is not supported by
msktutil.
---
 perl/lib/Wallet/Kadmin.pm | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'perl/lib/Wallet/Kadmin.pm')

diff --git a/perl/lib/Wallet/Kadmin.pm b/perl/lib/Wallet/Kadmin.pm
index 65a5700..cb3bd47 100644
--- a/perl/lib/Wallet/Kadmin.pm
+++ b/perl/lib/Wallet/Kadmin.pm
@@ -69,6 +69,9 @@ sub new {
     } elsif (lc ($Wallet::Config::KEYTAB_KRBTYPE) eq 'heimdal') {
         require Wallet::Kadmin::Heimdal;
         $kadmin = Wallet::Kadmin::Heimdal->new;
+    } elsif (lc ($Wallet::Config::KEYTAB_KRBTYPE) eq 'ad') {
+        require Wallet::Kadmin::AD;
+        $kadmin = Wallet::Kadmin::AD->new;
     } else {
         my $type = $Wallet::Config::KEYTAB_KRBTYPE;
         die "unknown KEYTAB_KRBTYPE setting: $type\n";
-- 
cgit v1.2.3