KfW krb5.conf inclusions
David Bear
David.Bear at asu.edu
Fri May 4 14:38:24 EDT 2007
On Fri, May 04, 2007 at 01:13:19PM -0500, Douglas E. Engert wrote:
>
>
> David Bear wrote:
> >I have been wondering about necessary inclusions in a krb5.conf file
> >for use on a windows box that is ALSO joined and authenticating to AD.
> >
> >We have to kerb realms; an original MIT kerb5 realm, and a separate
> >realm for AD.
>
> Are the realm names different? If so do they do cross realm?
yes, realm names are different.
There is a cross realm trust -- (I don't know the details of that)
>
> If they ues the same realm name, that could be a problem.
> Are user names and passwords synced between them?
> If so consider just using AD for the KDCs.
>
> Our MIT realm is used to authentication users of afs.
> >Our AD realm is used for ... things microsoft.
>
> Are you going to be at the AFS&Kerberos Best Practices next week?
no -- but there will be asu representatives there I hope.
--
David Bear
phone: 602-496-0424
fax: 602-496-0955
College of Public Programs/ASU
University Center Rm 622
411 N Central
Phoenix, AZ 85007-0685
"Beware the IP portfolio, everyone will be suspect of trespassing"
More information about the Kerberos
mailing list