Cross-realm authentication?
Derek Harkness
dharknes at umd.umich.edu
Wed May 19 16:00:25 EDT 2004
I've read a bit about cross-realm authentication and even kind of have
it working but not quite the way I want. So my question is. Is what I
want possible.
I currently have two realms ITS and UMD I want all my users to be in
UMD and all my servers and services in ITS. In the setup I currently
have if I log into UMD and then use a kerberized telnet to server1 in
ITS I get the proper tickets but get authorization denied unless I have
a .k5login in my home directory. This isn't what I want.
I want user at UMD to be able to access anything in the ITS realm. But
user at ITS should not be able access anything UMD. The reason for this
is UMD is currently outside my control and I simply want to use it for
authentication. I want a one way trust basically.
Thanks,
Derek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20040519/745d916b/attachment.bin
More information about the Kerberos
mailing list