At our site we have principals (user accounts) in a Windows 2000 AD domain,
lets call this realm WIN.AD. I have configured Kerberos on my workstation
and can get my krbtgt from the AD using my account--so far so good.
I have created a second realm for my servers, lets call this realm
NOT.WIN.AD, where I have created "host", "telnet", and account principals.
I can kinit and ktelnet between systems in the realm using the NOT.WIN.AD
account principal ([EMAIL PROTECTED]).
I would like to use the WIN.AD accounts to access the NOT.WIN.AD resources.
Can I use mappings in the krb5.conf [capaths] section to accomplish this?
I have already tried the following without success:
[capaths]
NOT.WIN.AD = {
WIN.AD = .
}
WIN.AD = {
WIN.AD = .
}
thanks,
...Mike
________________________________________________
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
