Each Realm must have it's own KDC?
Derek Atkins
warlord at MIT.EDU
Thu Mar 21 17:10:00 EST 2002
Each realm needs to have its own logical KDC, but I believe you can
run one "krb5kdc" process that serves multiple realms. Note that this
is implementation dependent. The protocol doesn't really care, but an
implementation may (or may not) limit you.
-derek
Austin Gonyou <austin at coremetrics.com> writes:
> After reading through the KRB5 installation and administration manuals,
> it seems to me that each kerberos realm must have it's own KDC. Is that
> in fact so, or is there a way to have multiple realms served my the same
> KDC.
>
> We're facing some pretty crazy DNS changes soon, and it would affect the
> kerberos rollout plan rather directly. TIA.
>
>
> --
> Austin Gonyou
> Systems Architect, CCNA
> Coremetrics, Inc.
> Phone: 512-698-7250
> email: austin at coremetrics.com
>
> "It is the part of a good shepherd to shear his flock, not to skin it."
> Latin Proverb
> _______________________________________________
> krbdev mailing list krbdev at mit.edu
> http://mailman.mit.edu/mailman/listinfo/krbdev
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord at MIT.EDU PGP key available
More information about the krbdev
mailing list