[30086] in Kerberos


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Kerberos Authorization Mechanism

daemon@ATHENA.MIT.EDU (Vibhuti Sinha)
Thu Jul 10 05:35:09 2008

Message-ID: <d0f7c5500807100234q2138816ag80bd8575afa54656@mail.gmail.com>
Date: Thu, 10 Jul 2008 02:34:00 -0700
From: "Vibhuti Sinha" <vr.sinha@gmail.com>
To: kerberos@mit.edu
MIME-Version: 1.0
Content-Disposition: inline
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu

Hi,
     I am currently running two KDC servers with cross realm authentication
setup between the two.
1st Server is in kerberos realm TEST.COM
2nd Server is in kerberos realm EXAMPLE.COM

TEST.COM trusts EXAMPLE.COM

Now, I need to design an authorization mechanism by which any administrator
in EXAMPLE.COM should not have admin rights in TEST.COM

Services in TEST.COM are ssh and Unix authentication.

creating ACLs in TEST.COM for authorization is not feasible and I do not
have this option. What are my other options to achieve this?

Regards
Vibhuti Sinha
________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[30086] in Kerberos

Kerberos Authorization Mechanism

daemon@ATHENA.MIT.EDU (Vibhuti Sinha)Thu Jul 10 05:35:09 2008

daemon@ATHENA.MIT.EDU (Vibhuti Sinha)
Thu Jul 10 05:35:09 2008