[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

domain/realm-mapping

To: "'heimdal-discuss@sics.se'" <heimdal-discuss@sics.se>
Subject: domain/realm-mapping
From: Holger van Lengerich <gimli@uni-paderborn.de>
Date: Wed, 1 Dec 1999 22:28:40 +0100 (MET)
In-Reply-To: <23DDA249C1CBD011A8C5006097540D2B6B8BE8@rock.cefriel.it>
Sender: owner-heimdal-discuss@sics.se

Hi,

I set up a Heimdal KDC 0.2d on Solaris 2.6. Allmost everything works
fine. Even kerberized NFS (Sun SEAM 1.0) authenticates against my Heimdal
KDC. ;-) Thanks for the great work!

My only Problem is the domain <-> realm mapping. As hostnames are resolved
against NIS/YP, Heimdal-Clients gets unqualified hostnames, even if the FQDN
was supplied as parameter. 

Is there a way to get Heimdal using FQDN's instead of crippled hostnames?

In my test-szenario with 5 hosts, I can do realm-mapping by making an entry
for each host in krb5.conf. But this gets impractical, if we deploy Heimdal
on all of our 400 Unix-boxes. ;)

BTW: Is there a recommended mechism to regularly change service-keys. 

Regards,
    Holger

----------------------------------------------------------------------------
 Holger van Lengerich - University of Paderborn - Dept. of Computer Science
  System-Administration - Warburger Str. 100 - D 33098 Paderborn - Germany
   mailto:gimli@uni-paderborn.de - http://www.uni-paderborn.de/admin/gimli

Follow-Ups:
- Re: domain/realm-mapping
  - From: Frank Cusack <fcusack@iconnet.net>
- Re: domain/realm-mapping
  - From: Assar Westerlund <assar@sics.se>

Next by Date: Re: domain/realm-mapping
Next by thread: Re: domain/realm-mapping
Index(es):
- Date
- Thread