Kerberos Authorization Mechanism
vr.sinha at gmail.com
Thu Jul 10 05:34:00 EDT 2008
I am currently running two KDC servers with cross realm authentication
setup between the two.
1st Server is in kerberos realm TEST.COM
2nd Server is in kerberos realm EXAMPLE.COM
TEST.COM trusts EXAMPLE.COM
Now, I need to design an authorization mechanism by which any administrator
in EXAMPLE.COM should not have admin rights in TEST.COM
Services in TEST.COM are ssh and Unix authentication.
creating ACLs in TEST.COM for authorization is not feasible and I do not
have this option. What are my other options to achieve this?
More information about the Kerberos