On 04/24/2015 03:44 PM, Ben H wrote: > From a client perspective, if I want to switch to using a different > krb5.conf file, I just use: > > export KRB5_CONFIG=/etc/alternate-krb5.conf > > But the server will always try to use /etc/krb5.conf
The expected behavior is: * Every process uses $KRB5_CONFIG, defaulting to /etc/krb5.conf. * KDC-ish processes (krb5kdc, kadmind, kdb5_util, etc.) also use $KRB5_KDC_PROFILE, defaulting to something like /var/krb5kdc/kdc.conf. If both files exist, the contents are merged, with the values from krb5.conf usually taking precedence (but we're not 100% consistent about that). krb5kdc accepts a -r flag telling it what realm(s) to serve, so you may not need to point it at a config file giving a different default_realm value. ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
