Hi,
I need to setup kerberos for six distinct domain, there is no trust
relationship between each domain.
When I setup one domain by one, it's working.
After testing each domain one by one, I merge the keytab file, and change the
krb5.conf file:
[libdefaults]
default_realm = MSDEMO
default_keytab_name = FILE:C:\Kerberos\lcserver01.keytab
default_tkt_enctypes = rc4-hmac des-cbc-md5
default_tgs_enctypes = rc4-hmac des-cbc-md5
forwardable = true
renewable = true
noaddresses = true
clockskew = 300
[realms]
MSDEMO = {
kdc = dc.msdemo.local:88
default_domain = dc.msdemo.local
}
MSDEMO2 = {
kdc = dc2.msdemo2.local:88
default_domain = msdemo2.local
}
[domain_realm]
.msdemo.local = MSDEMO
.msdemo2.local = MSDEMO2
When I merge the keytab of this two domains and change the krb5.conf, just the
authentication for MSDEMO is working.
When I change the krb5.conf, and enter default_realm = MSDEMO2, the
authentication is working for MSDEMO2.
It's possible to make the authentication works for the both domain in the same
time ?
Regards.
Flavien.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
