[16701] in Kerberos-V5-bugs
[krbdev.mit.edu #8981] Documentation__krb5.conf
daemon@ATHENA.MIT.EDU (Ulf Bremer via RT)
Mon Jan 25 10:11:48 2021
From: "Ulf Bremer via RT" <rt-comment@krbdev.mit.edu>
In-Reply-To: <BN6PR05MB3137AB67C9818AE94BBEDC4BAEBD9@BN6PR05MB3137.namprd05.prod.outlook.com>
Message-ID: <rt-4.4.4-111694-1611587486-790.8981-4-0@mit.edu>
To: "AdminCc of krbdev.mit.edu Ticket #8981":;
Date: Mon, 25 Jan 2021 10:11:26 -0500
MIME-Version: 1.0
Reply-To: rt-comment@krbdev.mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu
Mon Jan 25 10:11:26 2021: Request 8981 was acted upon.
Transaction: Ticket created by ubremer@juniper.net
Queue: krb5
Subject: Documentation__krb5.conf
Owner: Nobody
Requestors: ubremer@juniper.net
Status: new
Ticket <URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=8981 >
Hi,
I can't get my head around how the following can be consistent / right:
"
[domain_realm]
The [domain_realm] section provides a translation from a domain name or hostname to a Kerberos realm name. The tag name can be a host name or domain name, where domain names are indicated by a prefix of a period (.).
...
[domain_realm]
crash.mit.edu = TEST.ATHENA.MIT.EDU < --- according to the above a host
.dev.mit.edu = TEST.ATHENA.MIT.EDU < --- according to the above a domain
mit.edu = ATHENA.MIT.EDU < --- according to the above a _host_
... dev.mit.edu ... is matched by the third entry, which maps the host mit.edu and _all hosts under the domain mit.edu_ ... into the realm ATHENA.MIT.EDU.
"
How can a non-domain (as it doesn't start with a . ) apply to "all hosts under the domain"? Any clarification would be much appreciated.
Regards
Ulf
Juniper Business Use Only
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
