Does kadmind work on a multi-realm KDC?
Nikola Milutinovic
Nikola.Milutinovic at ev.co.yu
Fri Sep 5 01:57:11 EDT 2003
> We've had experience supporting multi realms on a single server. Here
> is what you want to do:
>
> 1.) Start one instance of kadmind for each realm that you want to
> administrate. Use the -r switch on the commandline to specify the
> realm that will be managed, ie:
>
> kadmind -r SOME.REALM
>
> 2.) Use the following two directives in the realm stanza in the
> kdc.conf file to specify the ports that the administrative deamon
> will listen on for RPC administrative traffic and password
> changes:
>
> kadmind_port = NNN
> kpasswd_port = NNN
Is there a plan and possibility in kadmin protocol to support multiple realms on one port (one kadmind)? I have a situation where I would have 14 relams. Fortunately, I'll have 10 Alpha Servers, but still, I'd need something elegant and scalable. The current solution both in Heimdal and MIT is lacking on that.
> You will want to choose port numbers in the restricted, ie. <
> 1024, range.
That range is a bit crammed...
Nix.
More information about the Kerberos
mailing list