Linux kerberos authentication against multiple subdomains?
Nils Olav Brandstorp Bekken
nobb at hiof.no
Thu Nov 6 04:27:18 EST 2003
I'm trying to set up a linux (RH 9) email server with imap and
authentication against multiple subdomains running w2k.
domain.com (no users logging on here)
sub1.domain.com (department # 1)
sub2.domain.com (department # 2)
...
sub5.domain.com (department # 5)
domain.com trusts each sub domain and each
subdomain trusts the parent domain.
installed packages:
rpm -qa|grep krb
krbafs-1.1.1-9
krb5-workstation-1.2.7-14
krbafs-devel-1.1.1-9
krb5-libs-1.2.7-14
krb5-devel-1.2.7-14
pam_krb5-1.60-1
I've got it to work with one realm in krb5.conf, when I'm putting
default_realm = sub1.domain.com in libdefaults and defining kdc and
admin_server in the realm setting. But I got trouble making it work with
two or more subdomains (been reading faq's, man pages, newsgroups and books
for the last 2 weeks now) I've been looking at the capath setting, without
luck. Anyone done this before?
Any help would be appreciated
Thanks in advance
Nils O. Bekken
More information about the Kerberos
mailing list