Multiple realms
Thomas Bolioli
tpblists at terranovum.com
Thu Apr 28 14:46:24 EDT 2005
So I have to do this everytime I add a realm in?
Tom
Kenneth Grady wrote:
>You can have multiple realms on the same KDC. When you start krb5kdc you
>need the "-r realm1 -r realm2" flag. To setup the multiple realms you
>can run krb5_util create for realm1 (see kdc.conf) then krb5_util dump
>realm1.file, krb5_util destroy realm1, modify kdc.conf for realm2,
>krb5_util create realm2, krb5_util load -update realm1.file then you
>will have realm1 and realm2 in one database.
>
>There is a small problem adding entries to realm1 you need to run
>"kadmin.local -r realm1" entries for realm2 can be added with just
>"kadmin.local"
>
>
>On Wed, 2005-04-27 at 14:21, Thomas Bolioli wrote:
>
>
>>Do multiple realms require multiple kdc's and if so, does that mean I
>>will need to have multiple ports open for those if the KDCs all exist on
>>the same machine? I realize I will need to do cross realm with this
>>setup but that should be trivial by setting up the trust in the KDC. Are
>>there any issues with this setup I may be missing?
>>Thanks,
>>Tom
>>
>>______________________________________________________________________
>>________________________________________________
>>Kerberos mailing list Kerberos at mit.edu
>>https://mailman.mit.edu/mailman/listinfo/kerberos
>>
>>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3194 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20050428/18840e8b/attachment.bin
More information about the Kerberos
mailing list