[5556] in Kerberos
KrbV5 domain_realm
daemon@ATHENA.MIT.EDU (Tomas Gustavsson)
Tue Jul 25 23:23:24 1995
To: kerberos@MIT.EDU
Date: 18 Jul 1995 15:03:18 GMT
From: tomasg@mars.dsv.su.se (Tomas Gustavsson)
Is it not possible to have a machine sitting in another domain
attached to your realm?
We're trying to add a machine with another domainname in out local
realm. The other machine can kinit and rlogin etc to the original
machine within the REALM. BUT the original machine in te REALM can NOT
rlogin to the new machine. They don't even get the service tickets
from the kdc.
We are suspecting the configuration file to be wrongly edited, we're
trying something like this:
[libdefaults]
ticket_lifetime = 600
default_realm = DSV.SU.SE
[realms]
DSV.SU.SE = {
kdc = KRB.DSV.SU.SE
admin_server = KRB.DSV.SU.SE
default_domain = DSV.SU.SE
}
[domain_realm]
.dsv.su.se = DSV.SU.SE
mach1.dsv.su.se = DSV.SU.SE
mach2.dsv.su.se = DSV.SU.SE
mach3.dsv.su.se = DSV.SU.SE
mach4.dsv.su.se = DSV.SU.SE
.other.se = DSV.SU.SE
foobar.other.se = DSV.SU.SE
Is there something wrong with this?
Or can't I have a machine with another domainname beeing serviced by
my realm.
===================================
Tomas Gustavsson
Dept. of Computer and System Sciences, Stockholm University/KTH
Email: tomasg@dsv.su.se
WWW: http://www.dsv.su.se/~tomasg
tel: +46 8 16 17 01
