Constructing User DN using principal name
diptivs@gmail.com
diptivs at gmail.com
Fri Apr 19 06:33:56 EDT 2013
Thanks Russ. Your reply was useful.
Sorry for a late reply. This is the customer requirement for us. I am
trying to get some more information from customer as per understanding from
you.
I will get back to you once I get the details.
On Tue, Apr 16, 2013 at 7:24 AM, Russ Allbery <rra at stanford.edu> wrote:
> diptivs at gmail.com writes:
>
> > The support is mainly for active directory and MIT KDC.
>
> > I was looking for some Kerberos API which can get me the domain name
> > with realm-domainName mapping. Actually DomainName is required at
> > Authorization directory to construct a search filter and it is not
> > recommended to do a bind from this server with AD/MIT_KDC just to
> > retrieve domain name.
>
> > Please let me know if you have any more suggestions. Thanks.
>
> Kerberos configuration only maps domains to realms. The mapping isn't
> reversible, in part because it's many to one (multiple domains can and
> often are mapped to the same realm).
>
> I may be missing something here, but this seems like very site-specific
> information. Can't you just require local configuration to map Kerberos
> realms to local domains? In most cases, there will probably be only one
> local domain.
>
> --
> Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
>
--
Have a nice day!
Regards,
Dipti
http://in.linkedin.com/in/diptivs
More information about the Kerberos
mailing list