Interesting, yeah I think you self resolved with what you did with
KRB5REALM.
On Fri, Apr 24, 2015 at 4:13 PM, Ben H bhen...@gmail.com wrote:
Not exactly, though the answer to that use case might be the same.
My use case is that my system was (is) a client of REALMA.COM.
Now, I want to run a
So it sounds like you're still saying that the contents of my krb5.conf
file will be read by krb5kdc and there is a good chance that something
specified in my krb5.conf (for my client implementation) may override or
merge with my server config *possibly* disrupt my KDC?
This is probably unlikely
I'm trying to follow the client need for default_realm vs having additional
kerberos REALM entries present in your [realms] section of your krb5.conf.
If there was no default_realm defined, what does the client do
(see default_realm at
On 04/24/2015 03:44 PM, Ben H wrote:
From a client perspective, if I want to switch to using a different
krb5.conf file, I just use:
export KRB5_CONFIG=/etc/alternate-krb5.conf
But the server will always try to use /etc/krb5.conf
The expected behavior is:
* Every process uses
In regard to: Re: specifying an alternate realm/krb5.conf configuration for...:
2) Set KRB5REALM=REALMB in /etc/sysconfig/krb5kdc
#2 is working for me, and is maybe the correct answer to this question.
For RHEL-derived systems, that is the appropriate way to do what you're
trying to do.
Are you trying to run multiple realms (and db's) on the same KDC?
On Fri, Apr 24, 2015 at 2:59 PM, Ben H bhen...@gmail.com wrote:
Sorry, I did mean kdc.conf - and on my implementation it is
in /var/kerberos/krb5kdc.
I do understand:
kdc.conf = server config
krb5.conf = client config
But