[OpenAFS-devel] Multi-Realm Kerberos Support in 1.4.x
Jason D. McCormick
jasonmc@sei.cmu.edu
Tue, 23 Sep 2008 10:34:14 -0400
Hello all,
In RT issue 58447 there's mention that the multi-realm Kerberos patch would=
be put into the 1.4 production branch around what looks like the release t=
ime of 1.4.5. However in looking at the patch and the code in 1.4.7 I don'=
t see any support for specifying multiple realms in krb.conf. Am I missing=
something or was this not added? If it wasn't added, was there a reason i=
t wasn't added that would cause problems if I started using the patch? I'm=
looking for a way to authenticate users from a "foreign" realm. The two K5=
realms have a two-way trust but I don't want to have to create foreign-rea=
lm PTS entries, I want jasonmc@REALM1.COM and jasonmc@REALM2.COM to get the=
same PTS/token in the cell realm1.com.
Thanks.
--
Jason McCormick
Unix Team Lead, Systems Group, IT
Software Engineering Institute, Carnegie Mellon Univ.
E: jasonmc@cert.org , jasonmc@sei.cmu.edu