O'Malley wrote:
>
> At our site we have principals (user accounts) in a Windows 2000 AD domain,
> lets call this realm WIN.AD. I have configured Kerberos on my workstation
> and can get my krbtgt from the AD using my account--so far so good.
>
> I have created a second realm for my servers, le
> I would like to use the WIN.AD accounts to access the NOT.WIN.AD resources.
> Can I use mappings in the krb5.conf [capaths] section to accomplish this?
If they are hierarchical like NOT.WIN.AD and WIN.AD
I don't think you need any capaths, you just need to
create the principal krbtgt/[
At our site we have principals (user accounts) in a Windows 2000 AD domain,
lets call this realm WIN.AD. I have configured Kerberos on my workstation
and can get my krbtgt from the AD using my account--so far so good.
I have created a second realm for my servers, lets call this realm
NOT.WIN.AD,
