cannot kinit to AD realm using alternative dns name
Mchugh, Sean
SMchugh at grey.com
Fri May 8 10:55:30 EDT 2009
Douglas E. Engert [mailto:deengert at anl.gov] wrote:
>
>
[..]
>
> Correct, Kerberos principals are case sensitive, (but Windows and DNS
> are insensitive.)
> So you realm name is GGG.LOCAL so must be upper case.
>
> > But not with: username at grey.com _or_ username at ggg.local ; error
message ...
thanks for the clarification. I was under the impression that
applications use [domain_realm] mappings
to translate the RHS of the userprincipalname to ucase or map the dns
domain. After re-reading the
man page section I understand the purpose now.
More information about the Kerberos
mailing list