Techie <[email protected]> writes: > The krb5.conf man page seems to indicate that you can have multiple > Kerberos REALMS defined in a single krb5.conf file.
> Will doing this allow authentication to multiple realms? If so, will it > try and contact each defined realm until it sees a matching principal? It depends on what you mean by "it." If you mean kinit, I don't believe it has support for this. If you mean something else, it depends on the application. For example, you can configure my pam-krb5 PAM module to do this. I believe MIT Kerberos only lets you define a single default realm, which is the realm used for authentication if no realm is specified in the principal name. (However, you can do things with server referrals.) -- Russ Allbery ([email protected]) <http://www.eyrie.org/~eagle/> ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
