[7390] in Kerberos
Re: Clarification of philosophy ... (fwd)
daemon@ATHENA.MIT.EDU (Wes Brown)
Mon Jun 3 20:18:12 1996
To: kerberos@MIT.EDU
Date: 3 Jun 1996 22:17:55 GMT
From: wes@prozac.student.cwru.edu (Wes Brown)
Chris Marshall (cmarsh01@west.poly.edu) wrote:
: I posted this at the beginning of the month, but never received any replies.
: Anyone who can assist me will be greatly rewarded by kudos and thanks. :-)
:
: Chris
:
: ---------- Forwarded message ----------
: Date: Mon, 6 May 1996 16:49:29 -0400 (EDT)
: From: Chris Marshall <cmarsh01@west.poly.edu>
: To: kerberos@MIT.EDU
: Subject: Clarification of philosophy ...
:
:
: I am installing krb5 in a university setting in a development lab. The
: lab consists of six machines, and all have the same domain as everyone else
: (.poly.edu).
:
: What I don't want to happen is for <kdlserver1>.poly.edu to be the
: kerberos realm server for the all machines in the entire .poly.edu
: domain. Just for these six machines. In the krb5.conf file under
: [domain_realm] I listed each of the six hosts and specifically set each
: equal to the realm I created for this lab.
:
: What happens if I don't indicate a domain to realm translation, and leave
: it just with host to realm translations? Or if I do indicate .poly.edu =
: MYKRB.REALM, will this server get hit with a bunch of requests that it
: can't answer for? Will it just turn people away, or is there some kind of
: resource drain?
:
: I have already made a suggestion that these six machines be subdomained
: (.kdl.poly.edu), but until that happens, what is the impact?
:
: Thanks for any assistance you can provide.
:
: Chris
Adapt this as you can. (Most times as soon as I see Krb5 I move on)
I use only Kerberos IV. The realm that I set up with my test kerberos
server is DRUGS.STUDENT.CWRU.EDU. My Kerberos server is
slowpoke.student.cwru.edu. Now the only other realm on the campus that I
know of is INS.CWRU.EDU. All of my machines know that both realms exist.
I used the /etc/krb.realm file to say which machines were in the DRUGS
realm and which machines where in the INS realm. I put both admin server
enties into the /etc/krb.conf.
Hope this can help in some way.
Wes
---
Wes Brown
ewb4@po.cwru.edu wes@prozac.student.cwru.edu
http://prozac.cwru.edu/wes/About.me.html
KB8TGR
