> On Jul 17, 2014, at 12:37, Greg Hudson <ghud...@mit.edu> wrote: > >> On 07/16/2014 06:34 PM, John Devitofranceschi wrote: >> host/*@MYREALM.COM x */*1...@myrealm.com > > This works for me in 1.11, 1.12, and the master branch. So, your > expectation isn't unreasonable, but I'm not sure why it doesn't work for > you. > > Note that kadmind will not reread its ACL file until it is restarted.
I can get it to work with other wild card use cases, like: *@MYREALM.COM cli *1/ad...@myrealm.com Just not the example I gave originally. It seems that KRB5_TRACE is not much help with kadmind in this case either. jd
________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
