separate kdc to authenticate a single user
Richard E. Silverman
res at qoxp.net
Tue Jun 7 08:13:41 EDT 2011
peter sands <peter_sands at techemail.com> writes:
> Hi,
>
> Currently have kerberos running ( mit). All OK. but just found out
> that a web service currently running of one of our clients wants to
> use kerberos to authenticated against their own KDC server and not our
> default one.
>
> Do I just put in another entry in the realms section for their kdc, or
> do I need to
> setup cross-realm .
>
> Not to sure what to do
>
> Thanks
> Pete
If your client is going to use their own realm, you only need
cross-realm trust if you want principals in one realm to be able to
authenticate to services in the other.
--
Richard Silverman
res at qoxp.net
More information about the Kerberos
mailing list