Kerberos Authorization Mechanism

Vibhuti Sinha vr.sinha at
Thu Jul 10 05:34:00 EDT 2008

     I am currently running two KDC servers with cross realm authentication
setup between the two.
1st Server is in kerberos realm TEST.COM
2nd Server is in kerberos realm EXAMPLE.COM


Now, I need to design an authorization mechanism by which any administrator
in EXAMPLE.COM should not have admin rights in TEST.COM

Services in TEST.COM are ssh and Unix authentication.

creating ACLs in TEST.COM for authorization is not feasible and I do not
have this option. What are my other options to achieve this?

Vibhuti Sinha

More information about the Kerberos mailing list