I have been wondering about necessary inclusions in a krb5.conf file for use on a windows box that is ALSO joined and authenticating to AD.
We have to kerb realms; an original MIT kerb5 realm, and a separate realm for AD. Our MIT realm is used to authentication users of afs. Our AD realm is used for ... things microsoft. Will KfW automagically handle obtaining tickets from the AD realm without having anything entries in the krb5.conf file? I have entries for both realms currently and I consistently get an error from the NetId Manager that it failed to get tickets for our AD realm. However, when I look in the NetId Manager I do indeed see various tickes from our AD realm. I'm thinking that perhaps the additional entries in the krb5.con file are superflous. We do get tickets and afs tokens properly from our MIT realm which makes afs happy. -- David Bear phone: 602-496-0424 fax: 602-496-0955 College of Public Programs/ASU University Center Rm 622 411 N Central Phoenix, AZ 85007-0685 "Beware the IP portfolio, everyone will be suspect of trespassing" ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
