Thank you Ken! That makes a LOT more sense.. After I sent the mail I had worked out that a single (standalone) rule worked.. But I didn't make the final leap to realise I could then have multiple rules in the same [realms] block.
That's solved my immediate problem, many, many thanks :-) Met vreiendelijk groet; Owen. -----Original Message----- From: Ken Raeburn [mailto:[EMAIL PROTECTED] Sent: maandag 21 mei 2007 16:49 To: Owen Carter Cc: [email protected] Subject: Re: WHy is this common syntax failing? On May 21, 2007, at 10:41, Owen Carter wrote: > [realms] > MIRABEAU.NL = { > kdc = SERV1.mirabeau.nl > admin_server = SERV1.mirabeau.nl > auth_to_local = { > RULE:[2:$1](johndoe)s/^.*$/guest/ > RULE:[2:$1;$2](^.*;admin$)s/;admin$// > RULE:[2:$2](^.*;root)s/^.*$/root/ > DEFAULT > } > } > > When I did that, Kerberos stops working. The documentation is wrong. You need to use something like: [realms] MIRABEAU.NL = { auth_to_local = RULE:blahblahblah auth_to_local = RULE:stuffheretoo auth_to_local = DEFAULT } > (as a footnote; the error message could be much, much more > specific.. I mean, it doesn't even give a line number of where the > error is found in the file, let alone a true reason WHY it believes > the format is invalid.) Yes, that would be a good improvement too.... Ken ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
