QUERY FOR CROSS REALM AUTHENTICATION
Richard E. Silverman
res at qoxp.net
Wed Mar 8 21:23:30 EST 2006
>
> HELLO ALL,
> This is zaheer here, i am working on the cross domain authentication using
> kerberos, i have configured two domains, and i am in a dilemma as to install 2
> KDC in both the domains or is it sufficient for the kdc to be installed in only
> one single domain, and register the other domain as just the user of the domain
> in which the kdc is installed. please do clear my doubt. Looking for an answer
> ASAP.
> Thanking you,
> Zaheer.
Cross-realm authentication implies two KDCs: a realm is by definition the
set of principals who share keys with the same KDC. A trusts B means that
B can issue TGTs valid for A's TGS.
--
Richard Silverman
res at qoxp.net
More information about the Kerberos
mailing list