[38609] in Kerberos
Re: Add second realm to existing KDC ?
daemon@ATHENA.MIT.EDU (chris)
Tue Sep 10 12:50:35 2019
To: kerberos@mit.edu
From: chris <listy@fastmail.fm>
Message-ID: <8c7896ee-cd51-49b1-4c54-7f337b23baef@fastmail.fm>
Date: Tue, 10 Sep 2019 12:49:39 -0400
MIME-Version: 1.0
In-Reply-To: <db0c4239-c8a2-2973-4c80-f2083494c1e7@mit.edu>
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
On 9/10/19 12:43 PM, Greg Hudson wrote:
> Add the new realm specification to the config files. Make sure ports
> are specified in realm config, not in [kdcdefaults], so that each
> process can use separate ports. Create a new database for the new realm.
>
> Then arrange for krb5kdc to be run with "-r REALM" flags for each realm,
> and similarly for kadmind. How you do this part is system-specific.
Greg, thank you very much. I will give it a go.
I'd rather have a single KDC with a slightly wonky setup than 2 separate
vanilla KDCs. :-)
Thanks,
chris
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
