Modifying gethost...() under Solaris
Samuel.Degrande at lifl.fr
Fri Mar 21 04:24:05 EST 2003
According to Wyllys Ingersoll (Thu, 20 Mar 2003 18:45:08 -0500):
> Degrande_Samuel wrote:
> >>>I didn't want to have to put everything in trash...
> >>>If you think that we SHOULD really change our name services, that Sun
> >>>recommandations are really a bad idea, then we will start thinking
> >>>about it...
> >>Which Sun recommendations did I say were a bad idea?
> >Oh no, there's nothing YOU said about Sun recommandations. I meant
> >that all Sun manuals use short names.
> I believe that the SEAM documentation clearly states that FQDN names are
> hightly recommended
> for Kerberos configurations.
It seems to be a bit more complicated.
SEAM doc says to use FQDN when creating service or host principals.
That is what I did. However we use NIS with short names.
I configured our NFS servers to use krb5 authentification.
When mounting a shared directory (nfsserv:/path for exemple), a SEAM client
asks a ticket for the nfs/nfsserv.domainname principal (sorry if I use wrong
terminology, I'm always a Kerberos beginner). So it seems that the SEAM
implementation includes a workaround to convert short names into FQDN names...
Samuel Degrande LIFL - UMR 8022 CNRS - Bat M3
Phone: (33)188.8.131.52.38 USTL - Universite de Lille 1
Fax: (33)184.108.40.206.66 59655 VILLENEUVE D'ASCQ CEDEX - FRANCE
More information about the krbdev