Question about cross realm authentification

Hubert Chomette chomette at ensil.unilim.fr
Fri Nov 13 03:48:05 EST 2009


Hi,

We try to unify authentification between two departements in our  
university.
The two departments have their own kdc, so cross realm should be the  
more interesting thing.
What I have understand, is that a client from site A with a TGT from A  
can ask for a cross realm TGT for B site and access to all SSOised  
application to B.
But suppose that a user from site A go to site B. How can he  
authentificate on a machine from site B (linux/windows computers using  
kdc B authentification)?
does cross realm permit such things? Or should this user have an  
account on site B to?

Thank's for your help

Regards,

Hubert



More information about the Kerberos mailing list