Hello, I'm working on an prototype to replace our NIS based auth' to kerberised services. I've menage to setup NFS4 with kerberos using gss/krb5 security in exports and all well.
we have various host groups (using nis netgroups) that should connect to various exports, if we change them to gss/krb5 we loose the netgroup differentiation. I've though of using multiple realms (with a single KDC) and the various exports will be handled by the client machine's realms, if more then one "group" is needed we can inter-realm authenticate. has anyone heard of such kerberos "alternative" for netgroup NFS approach? is it feasible? how does kadmin handle multiple realm? any help would be most appreciate. -- View this message in context: http://www.nabble.com/help-with-kerberised-NFS-for-a-nis-netgroup-alternative-tp15039386p15039386.html Sent from the Kerberos - General mailing list archive at Nabble.com. ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
