Turning off hostname canonicalisation
Jeffrey Altman
jaltman at MIT.EDU
Mon Sep 12 13:14:23 EDT 2005
The answer is 'no'. Settings in [appdefaults] are not for reading by
the Kerberos libraries. They are for reading by the application.
Jeffrey Altman
Henry B. Hotz wrote:
> As another branch of this subject tree: The option being discussed is
> for [libdefaults]. Will the parsing code pick it up in [appdeafaults]
> as well? I would imagine that different app's might be coded
> differently and might need different behavior to work correctly.
>
> On Sep 12, 2005, at 9:02 AM, krbdev-request at mit.edu wrote:
>
>> Without
>> canonicalisation I would need to create keytab for app.test.com and
>> distribute to every system, which can be painful in a bigger
>> environment. So
>> I see a need to keep canonicalisation on a service by service case
>> and not
>> as a global switch.
>
> ------------------------------------------------------------------------
> ----
> The opinions expressed in this message are mine,
> not those of Caltech, JPL, NASA, or the US Government.
> Henry.B.Hotz at jpl.nasa.gov, or hbhotz at oxy.edu
>
> _______________________________________________
> krbdev mailing list krbdev at mit.edu
> https://mailman.mit.edu/mailman/listinfo/krbdev
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2707 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mailman.mit.edu/pipermail/krbdev/attachments/20050912/4cfaf316/attachment.bin
More information about the krbdev
mailing list