Each Realm must have it's own KDC?

Austin Gonyou austin at coremetrics.com
Thu Mar 21 17:27:00 EST 2002 

Thanks much. I would seem as that as well, but I don't know of any
documentation on the subject. As I said, I read the docs provided,
unless I'm missing some pages the implementation of such a thing seems
spartan. 

I'm going to take sunday and see what I can get out of it as well as
re-reading all docs. As part of this, should I have to create multiple
DB's to accomplish this? If you know? (i.e. kdb5_util create -s -r
SOMEOTHERREALM.ORG -d
/var/kerberos/krb5kdc/principal.SOMEOTHERREALM.ORG)

If not, thanks anyway!



On Thu, 2002-03-21 at 16:06, Derek Atkins wrote:
> Each realm needs to have its own logical KDC, but I believe you can
> run one "krb5kdc" process that serves multiple realms.  Note that this
> is implementation dependent.  The protocol doesn't really care, but an
> implementation may (or may not) limit you.
> 
> -derek
> 
> Austin Gonyou <austin at coremetrics.com> writes:
> 
> > After reading through the KRB5 installation and administration
> manuals,
> > it seems to me that each kerberos realm must have it's own KDC. Is
> that
> > in fact so, or is there a way to have multiple realms served my the
> same
> > KDC. 
> > 
> > We're facing some pretty crazy DNS changes soon, and it would affect
> the
> > kerberos rollout plan rather directly. TIA.
> > 
> > 
> > -- 
> > Austin Gonyou
> > Systems Architect, CCNA
> > Coremetrics, Inc.
> > Phone: 512-698-7250
> > email: austin at coremetrics.com
> > 
> > "It is the part of a good shepherd to shear his flock, not to skin
> it."
> > Latin Proverb
> > _______________________________________________
> > krbdev mailing list             krbdev at mit.edu
> > http://mailman.mit.edu/mailman/listinfo/krbdev
> 
> -- 
>        Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
>        Member, MIT Student Information Processing Board  (SIPB)
>        URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
>        warlord at MIT.EDU                        PGP key available
-- 
Austin Gonyou
Systems Architect, CCNA
Coremetrics, Inc.
Phone: 512-698-7250
email: austin at coremetrics.com

"It is the part of a good shepherd to shear his flock, not to skin it."
Latin Proverb

More information about the krbdev mailing list