Kerberize Webserver outside our domain
Andreas Bruckmeier
dev at bruckmeier.org
Wed Dec 15 02:44:09 EST 2010
Hi all,
we will set up a new domain in our office using a windows server with active
directory and it´s Kerberos component.
In a test environment we where able to kerberize a local webserver with
mod_auth_kerb.
Now I have the question if it is possible to also kerberize a public
webserver standing outside our office, maybe with the webserver connected
via VPN for KDC-connections.
Is this possible and is this the main purpose of the domain_realm mapping?
If not, how could we solve this in a good way?
For example:
Local office domain -> company.lan -> Realm: COMPANY.LAN
The external webserver -> something.de -> Domain-Realm-Mapping:
.something.de = COMPANY.LAN
Best regards
Andi
More information about the Kerberos
mailing list