Hi All. We have a setup with several Active Directory domains that individually trusts each other. Each domain translates into each own Kerberos REALM as far as I'm understanding the systems.
But prinicipals are unique across the realms. Thus if [EMAIL PROTECTED] exixts, then It doesn't exist in the other realms. I'd like to use kerberos for the password lookup in the Linux system using pam. This Works fine with one "realm" but since the system only looks up users in the "default realm" I cannot validate users from the other realms. (This is pam for login on Linux Server/Workstations) Is it possible to get a "multi"-realm setup like this to work? Any pointers? It would be nice to be able to specify a map to the kerberos client: Jk = [EMAIL PROTECTED] Test = [EMAIL PROTECTED] Or something like that. Jesper ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos