[7386] in Kerberos
Clarification of philosophy ... (fwd)
daemon@ATHENA.MIT.EDU (Chris Marshall)
Mon Jun 3 10:29:39 1996
Date: Mon, 3 Jun 1996 10:02:02 -0400 (EDT)
From: Chris Marshall <cmarsh01@west.poly.edu>
To: kerberos@MIT.EDU
I posted this at the beginning of the month, but never received any replies.
Anyone who can assist me will be greatly rewarded by kudos and thanks. :-)
Chris
---------- Forwarded message ----------
Date: Mon, 6 May 1996 16:49:29 -0400 (EDT)
From: Chris Marshall <cmarsh01@west.poly.edu>
To: kerberos@MIT.EDU
Subject: Clarification of philosophy ...
I am installing krb5 in a university setting in a development lab. The
lab consists of six machines, and all have the same domain as everyone else
(.poly.edu).
What I don't want to happen is for <kdlserver1>.poly.edu to be the
kerberos realm server for the all machines in the entire .poly.edu
domain. Just for these six machines. In the krb5.conf file under
[domain_realm] I listed each of the six hosts and specifically set each
equal to the realm I created for this lab.
What happens if I don't indicate a domain to realm translation, and leave
it just with host to realm translations? Or if I do indicate .poly.edu =
MYKRB.REALM, will this server get hit with a bunch of requests that it
can't answer for? Will it just turn people away, or is there some kind of
resource drain?
I have already made a suggestion that these six machines be subdomained
(.kdl.poly.edu), but until that happens, what is the impact?
Thanks for any assistance you can provide.
Chris
