[16613] in Kerberos-V5-bugs


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[krbdev.mit.edu #8945] krb5kdc: the 32 realms limit

daemon@ATHENA.MIT.EDU (Greg Hudson via RT)
Tue Sep 8 13:20:25 2020

From: "Greg Hudson via RT" <rt@krbdev.mit.edu>
In-Reply-To: <257897be7b144984156afad04905b658a190dcdd.camel@aegee.org>
Message-ID: <rt-4.4.4-101636-1599585604-729.8945-5-0@mit.edu>
To: "AdminCc of krbdev.mit.edu Ticket #8945":;
Date: Tue, 08 Sep 2020 13:20:04 -0400
MIME-Version: 1.0
Reply-To: rt@krbdev.mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu

<URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=8945 >

For your use case, would it be better to have a separate KDB for each realm
(implying separate storage, propagation, and backup), or have one KDB to which
realms could be added and removed?

To answer one of your questions, if you ran two separate krb5kdc processes each
with 31 -r options to get around the current 32-realm limitation, they would
have to serve different ports.

_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[16613] in Kerberos-V5-bugs

[krbdev.mit.edu #8945] krb5kdc: the 32 realms limit

daemon@ATHENA.MIT.EDU (Greg Hudson via RT)Tue Sep 8 13:20:25 2020

daemon@ATHENA.MIT.EDU (Greg Hudson via RT)
Tue Sep 8 13:20:25 2020