KfW krb5.conf inclusions

David Bear David.Bear at asu.edu
Fri May 4 12:44:29 EDT 2007


I have been wondering about necessary inclusions in a krb5.conf file
for use on a windows box that is ALSO joined and authenticating to AD.

We have to kerb realms; an original MIT kerb5 realm, and a separate
realm for AD. Our MIT realm is used to authentication users of afs.
Our AD realm is used for ... things microsoft.

Will KfW automagically handle obtaining tickets from the AD realm
without having anything entries in the krb5.conf file? 

I have entries for both realms currently and I consistently get an
error from the NetId Manager that it failed to get tickets for our AD
realm. However, when I look in the NetId Manager I do indeed see
various tickes from our AD realm. I'm thinking that perhaps the
additional entries in the krb5.con file are superflous.

We do get tickets and afs tokens properly from our MIT realm which
makes afs happy.


-- 
David Bear
phone: 	602-496-0424
fax: 	602-496-0955
College of Public Programs/ASU
University Center Rm 622
411 N Central
Phoenix, AZ 85007-0685
 "Beware the IP portfolio, everyone will be suspect of trespassing"



More information about the Kerberos mailing list