Cross realm authentication

[Sam Hartman]

>>>>> "CJ" == CJ Keist <cjay at engr.colostate.edu> writes:

    CJ> If I understand your message here, then Kerberos right now is
    CJ> not capable of handling this setup.  In that a master realm
    CJ> that holds just user principals, with sub realms holding host
    CJ> principals cannot authenticate a user logging into a client
    CJ> machine in one of the sub realms?

This can work fine.  But you need to statically configure things so
that the clients know what realm each principal lives in.