Kerberos Database Sync with Sub-Domains

2020-07-13 Thread Jonathan Towles
Hi All, I wanted to ask a question that I have been unable to get clear information on. Is it technically or functionally possible to get a Kerberos ticket for someone in the sub-domain against the parent domain Example: User j...@boston.synterex.com wants to g

RE: Kerberos Database Sync with Sub-Domains

2020-07-14 Thread Jonathan Towles
not sure if you can actually make #2 work or not. When I have tried, I get user not found in the database issues. Jon Towles CTO, Synterex (m) 978-609-5545 -Original Message- From: Bryan Mesich Sent: Monday, July 13, 2020 11:01 PM To: Jonathan Towles Cc: kerberos@mit.edu Subject: Re: Ke

RE: Kerberos Database Sync with Sub-Domains

2020-07-14 Thread Jonathan Towles
m) 978-609-5545 -Original Message- From: Isaac Boukris Sent: Tuesday, July 14, 2020 8:38 AM To: Jonathan Towles Cc: Bryan Mesich ; kerberos@mit.edu Subject: Re: Kerberos Database Sync with Sub-Domains On Tue, Jul 14, 2020 at 2:23 PM Jonathan Towles wrote: > > Hi Bryan, > &g

RE: Kerberos Database Sync with Sub-Domains

2020-07-14 Thread Jonathan Towles
do a kinit -E with their samaccountname or email address, it says they're not found if they are in a child domain. Jon Towles CTO, Synterex (m) 978-609-5545 -Original Message- From: Isaac Boukris Sent: Tuesday, July 14, 2020 9:35 AM To: Jonathan Towles Cc: Bryan Mesich ; k

RE: Kerberos Database Sync with Sub-Domains

2020-07-14 Thread Jonathan Towles
Isaac Boukris Sent: Tuesday, July 14, 2020 9:54 AM To: Jonathan Towles Cc: Bryan Mesich ; kerberos@mit.edu Subject: Re: Kerberos Database Sync with Sub-Domains On Tue, Jul 14, 2020 at 3:37 PM Jonathan Towles wrote: > > I'm working with an application inside of a Docker container that u

Kerberos Timeouts and Broken Pipes

2020-11-25 Thread Jonathan Towles
Hi All, A client of mine has an issue with pipes breaking/timeouts because their service account is cross-realm located in a realm in a different country (Probably 3-500 MS between them). Does anyone have any recommendations when using a Service Account in one domain, and using its TGT to requ

Load Balancing KCDs

2021-02-18 Thread Jonathan Towles
Does anyone have experience putting DCs behind a network load balancer for Kerberos Authentication? Depending on who you ask, it doesn't really work. I wanted to ask the group to see if anyone has strong experience in doing it and if it's feasible? Jon Towles CTO, Synterex (m) 978-609-5545 [VM

RE: Load Balancing KCDs

2021-02-18 Thread Jonathan Towles
kdc = kerberos-2.mit.edu:750 admin_server = kerberos.mit.edu master_kdc = kerberos.mit.edu default_domain = mit.edu Jon Towles CTO, Synterex (m) 978-609-5545 -Original Message- From: Robbie Harwood Sent: Thursday, February 18, 2021 4:48 PM To: Jonat