[39137] in Kerberos


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Authentication Indicators and Cross Realm Trust

daemon@ATHENA.MIT.EDU (Greg Hudson)
Fri Oct 7 18:33:40 2022

Message-ID: <8c438ed3-bd26-eb96-a562-88620a12429a@mit.edu>
Date: Fri, 7 Oct 2022 18:30:19 -0400
MIME-Version: 1.0
Content-Language: en-US
To: "Machin, Glenn Douglas" <machin2@llnl.gov>,
        "kerberos@mit.edu" <kerberos@mit.edu>
From: Greg Hudson <ghudson@mit.edu>
In-Reply-To: <SA0PR09MB65397CAF7D4F6D48A3C7A8A49A569@SA0PR09MB6539.namprd09.prod.outlook.com>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Errors-To: kerberos-bounces@mit.edu

On 9/30/22 16:06, Machin, Glenn Douglas via Kerberos wrote:
> Can someone tell me if a TGT containing an authentication indicator will work over to a service principal in another realm which has a cross realm trust relationship?

Authentication indicators are currently only accepted within the same 
realm; cross-realm service ticket requests do not preserve the 
indicators from the cross-realm TGT.
________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[39137] in Kerberos

Re: Authentication Indicators and Cross Realm Trust

daemon@ATHENA.MIT.EDU (Greg Hudson)Fri Oct 7 18:33:40 2022

daemon@ATHENA.MIT.EDU (Greg Hudson)
Fri Oct 7 18:33:40 2022