On 02/13/2015 11:52 AM, Gergely Czuczy wrote: > So, this means, when adding an alias, addition work is not needed, just > another value for krbPrincipalName? > I had the impression that some additional stuff needs to be stored along > with the alias, like, i don't know, keys, or whatever stuff. This part > wasn't clear from the docs.
The point of an alias is that it refers to the same principal entry, including keys. You do need to add a krbCanonicalName attribute so that the KDC knows which principal name is the canonical name. ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
