Hi,
I am very new to Kerberos authentication and am having problems with getting
a ticket for a users on multiple AD Realms.
The client OS is OS X 10.4.x and using LDAP Mappings and /etc/authorization
for kerb ticket at login window.
The user names are like this:
[EMAIL PROTECTED]
[EMAIL PROTECTED]
This is what my edu.mit.kerberos file looks like:
[libdefaults]
default_realm = DOM1.WIN
DOM1.WIN = {
admin_server = server1.dom1.win.:749
kdc = server1.dom1.win.:88
}
DOM2.WIN = {
admin_server = server1.dom2.win.:749
kdc = server1.dom2.win.:88
The first thing is that I don't believe @DOM1 is mapping to the DOM1.WIN and
it just defaults to DOM1.WIN in the edu.mit.kerberos file. As a consequence
this user ([EMAIL PROTECTED]) gets a ticket.
So when [EMAIL PROTECTED] try's it cant resolve to DOM2 to it defaults
to DOM1.WIN in the edu.mit.kerberos file and fails to get a ticket
Does anyone have any ideas on the way forward here? I am really stuck!
Any help would be much appreciated!
Ben W Young
Technology Services Administrator
[EMAIL PROTECTED]
**********************************************************************
This message is intended for the addressee named and may contain
privileged information or confidential information or both. If you
are not the intended recipient please delete it and notify the sender.
**********************************************************************
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
