If I want to allow the host principal for a given system to manage other hostname-based principals for the same host (to enable some kind of automation, say), based on the documentation, I would expect that an entry in kadm5.acl that looks like this:
host/*@MYREALM.COM x */*[email protected] would permit: host/[email protected] to create: nfs/[email protected] or HTTP/[email protected] But this does not seem to be the case with 1.11.3. Is my expectation unreasonable? jd ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
