Each Realm must have it's own KDC?
austin at coremetrics.com
Thu Mar 21 17:27:00 EST 2002
Thanks much. I would seem as that as well, but I don't know of any
documentation on the subject. As I said, I read the docs provided,
unless I'm missing some pages the implementation of such a thing seems
I'm going to take sunday and see what I can get out of it as well as
re-reading all docs. As part of this, should I have to create multiple
DB's to accomplish this? If you know? (i.e. kdb5_util create -s -r
If not, thanks anyway!
On Thu, 2002-03-21 at 16:06, Derek Atkins wrote:
> Each realm needs to have its own logical KDC, but I believe you can
> run one "krb5kdc" process that serves multiple realms. Note that this
> is implementation dependent. The protocol doesn't really care, but an
> implementation may (or may not) limit you.
> Austin Gonyou <austin at coremetrics.com> writes:
> > After reading through the KRB5 installation and administration
> > it seems to me that each kerberos realm must have it's own KDC. Is
> > in fact so, or is there a way to have multiple realms served my the
> > KDC.
> > We're facing some pretty crazy DNS changes soon, and it would affect
> > kerberos rollout plan rather directly. TIA.
> > --
> > Austin Gonyou
> > Systems Architect, CCNA
> > Coremetrics, Inc.
> > Phone: 512-698-7250
> > email: austin at coremetrics.com
> > "It is the part of a good shepherd to shear his flock, not to skin
> > Latin Proverb
> > _______________________________________________
> > krbdev mailing list krbdev at mit.edu
> > http://mailman.mit.edu/mailman/listinfo/krbdev
> Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
> Member, MIT Student Information Processing Board (SIPB)
> URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
> warlord at MIT.EDU PGP key available
Systems Architect, CCNA
email: austin at coremetrics.com
"It is the part of a good shepherd to shear his flock, not to skin it."
More information about the krbdev