Multi REALM krb config file.
Russ Allbery
rra at stanford.edu
Mon Mar 29 14:03:13 EDT 2010
Techie <techchavez at gmail.com> writes:
> The krb5.conf man page seems to indicate that you can have multiple
> Kerberos REALMS defined in a single krb5.conf file.
> Will doing this allow authentication to multiple realms? If so, will it
> try and contact each defined realm until it sees a matching principal?
It depends on what you mean by "it." If you mean kinit, I don't believe
it has support for this. If you mean something else, it depends on the
application. For example, you can configure my pam-krb5 PAM module to do
this.
I believe MIT Kerberos only lets you define a single default realm, which
is the realm used for authentication if no realm is specified in the
principal name. (However, you can do things with server referrals.)
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the Kerberos
mailing list