If you are on linux *I think* this is functionality that sssd does out of the box although I've never tested it. https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/Configuring_Domains.html
On 5 December 2016 at 19:15, Nordgren, Bryce L -FS <bnordg...@fs.fed.us> wrote: > The answer is probably going to be "you can't do that", but I figured I'd > ask anyway. > > Parameter #1: I have been allocated a handful of non-routable IP subnets > on a university network where I am a guest. > Parameter #2: Associated with the above is a single DNS subdomain. > Parameter #3: The university retains control over DNS and DHCP. > Parameter #4: The university set up the correct SRV records so that I can > operate a KDC on my subdomain. > > My question is: Is there any way to operate two KDCs on the same DNS > subdomain, serving complementary hosts? > > Reason #1: I want the "lightest footprint" possible, so as not to annoy > our hosts. > Reason #2: I want to take advantage of some of the centralized management > niceties of AD and FreeIPA for Windows and Linux, respectively. > Reason #3: I'm not sure I understand how to implement any kind of > automatic Win/Linux segregation at the network level. > Reason #4: Aside from the constraints Kerberos may (?) impose, I see no > compelling reason to corral machines into subdomains by OS. > > Thanks for your patience. > Bryce > > > > > This electronic message contains information generated by the USDA solely > for the intended recipients. Any unauthorized interception of this message > or the use or disclosure of the information it contains may violate the law > and subject the violator to civil or criminal penalties. If you believe you > have received this message in error, please notify the sender and delete > the email immediately. > ________________________________________________ > Kerberos mailing list Kerberos@mit.edu > https://mailman.mit.edu/mailman/listinfo/kerberos > ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
