Does kadmind work on a multi-realm KDC?

Nikola Milutinovic Nikola.Milutinovic at ev.co.yu
Fri Sep 5 01:57:11 EDT 2003


> We've had experience supporting multi realms on a single server.  Here
> is what you want to do:
> 
> 1.) Start one instance of kadmind for each realm that you want to
>     administrate.  Use the -r switch on the commandline to specify the
>     realm that will be managed, ie:
> 
> kadmind -r SOME.REALM
> 
> 2.) Use the following two directives in the realm stanza in the
>     kdc.conf file to specify the ports that the administrative deamon
>     will listen on for RPC administrative traffic and password
>     changes:
> 
> kadmind_port = NNN
> kpasswd_port = NNN

Is there a plan and possibility in kadmin protocol to support multiple realms on one port (one kadmind)? I have a situation where I would have 14 relams. Fortunately, I'll have 10 Alpha Servers, but still, I'd need something elegant and scalable. The current solution both in Heimdal and MIT is lacking on that.

>     You will want to choose port numbers in the restricted, ie. <
>     1024, range.

That range is a bit crammed...

Nix.



More information about the Kerberos mailing list