KfW krb5.conf inclusions

David Bear David.Bear at asu.edu
Fri May 4 14:38:24 EDT 2007

On Fri, May 04, 2007 at 01:13:19PM -0500, Douglas E. Engert wrote:
> David Bear wrote:
> >I have been wondering about necessary inclusions in a krb5.conf file
> >for use on a windows box that is ALSO joined and authenticating to AD.
> >
> >We have to kerb realms; an original MIT kerb5 realm, and a separate
> >realm for AD.
> Are the realm names different? If so do they do cross realm?

yes, realm names are different.

There is a cross realm trust -- (I don't know the details of that)
> If they ues the same realm name, that could be a problem.
> Are user names and passwords synced between them?
> If so consider just using AD for the KDCs.
>  Our MIT realm is used to authentication users of afs.
> >Our AD realm is used for ... things microsoft.
> Are you going to be at the AFS&Kerberos Best Practices next week?

no -- but there will be asu representatives there I hope.

David Bear
phone: 	602-496-0424
fax: 	602-496-0955
College of Public Programs/ASU
University Center Rm 622
411 N Central
Phoenix, AZ 85007-0685
 "Beware the IP portfolio, everyone will be suspect of trespassing"

More information about the Kerberos mailing list