[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: cross-realm difficulties

To: heimdal-discuss@sics.se
Subject: Re: cross-realm difficulties
From: Priit Randla <priit.randla@eyp.ee>
Date: Tue, 15 Feb 2005 14:59:24 +0200
In-Reply-To: <421094D2.1020605@eyp.ee>
Organization: UBE
References: <41FF67D1.9040608@eyp.ee> <ampsz4lchp.fsf@nutcracker.it.su.se> <421094D2.1020605@eyp.ee>
Sender: owner-heimdal-discuss@sics.se
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20040922



    Hello,

I saw that aname_to_localname and krb5_kuserok use 
krb5_get_default_realms to
obtain an array of 'default realms'.
All examples of krb5.conf show only single default_realm = EXAMPLE.COM
.. or something like that.

Should one use 'default_realm = AAA BBB'  or two entries:
default_realm = AAA
default_realm = BBB

Or is there another way alltogether to do principal->local user maping with
principals from multiple kerberos realms?

Priit

Follow-Ups:
- Re: cross-realm difficulties
  - From: Priit Randla <priit.randla@eyp.ee>

References:
- cross-realm difficulties
  - From: Priit Randla <priit.randla@eyp.ee>
- Re: cross-realm difficulties
  - From: Love <lha@stacken.kth.se>
- Re: cross-realm difficulties
  - From: Priit Randla <priit.randla@eyp.ee>

Prev by Date: Re: Deleting only some salt types
Next by Date: encryption problem setting up slave
Prev by thread: Re: cross-realm difficulties
Next by thread: Re: cross-realm difficulties
Index(es):
- Date
- Thread