A client name with an '@'
Nordgren, Bryce L -FS
bnordgren at fs.fed.us
Wed Jun 3 12:29:19 EDT 2015
> Also, the venerably Russ Allberry created a lowercase realm for Stanford, and
> repeatedly has said that if he had to do it all over again he wouldn't have
> done a lowercase realm; too much software assumes an uppercase realm.
> Maybe that has changed in the intervening years.
Kind of moot. These smart cards are issued from GSA credentialing centers for USDA and certificate production is outside my sphere of influence. The really odd part is that the lowercase realm is encoded into the certificate, but the realm in Active Directory is uppercase. I don't know if this is some kind of oversight, some kind of requirement to make Active Directory canonicalize correctly, or if they're intentionally making it hard to use.
Thanks for all your help!
Bryce
More information about the Kerberos
mailing list