[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: multiple tgt's

To: heimdal-discuss@sics.se, lists@erentil.net
Subject: Re: multiple tgt's
From: Harald Barth <haba@kth.se>
Date: Mon, 28 Apr 2008 11:09:47 +0200 (CEST)
In-Reply-To: <4815925A.1060203@erentil.net>
List-Archive: <http://list.sics.se/sympa/arc/heimdal-discuss>
List-Help: <mailto:sympa@sics.se?subject=help>
List-Id: <heimdal-discuss.sics.se>
List-Owner: <mailto:heimdal-discuss-request@sics.se>
List-Post: <mailto:heimdal-discuss@sics.se>
List-Subscribe: <mailto:sympa@sics.se?subject=subscribe%20heimdal-discuss>
List-Unsubscribe: <mailto:sympa@sics.se?subject=unsubscribe%20heimdal-discuss>
References: <20080426.220330.121797103.haba@habanero.pdc.kth.se><1209362826.21403.11.camel@oreade38.ifh.de><4815925A.1060203@erentil.net>
Reply-To: heimdal-discuss@sics.se, Harald Barth <haba@kth.se>


> No, there's no cross trust, so thats not a problem 

At your site.

> (although it seems that even if there were, if one is doing setting
> up multiple tgt's, and since at least one will have to be a kinit
> (ie, not from login) that kinit would ask which one to give
> preference to if they are both valid for a given task).

The kinit is only giving you the tgt. The "ask" stage would be when
you invoke the afslog, telnet, ssh, imap or whatever service you'd
use.

> > How about a configuration option in /etc/krb5.conf?

> krb5.conf would work fine, although I'd prefer a less static option
> (if both were available).

As /etc/krb5.conf is read by the library that would be a way, but I
have no idea how to specify that logic for my users nor do I expect
them to understand it any better than using multiple KRB5CCNAMEs.

Harald.

References:
- Re: multiple tgt's
  - From: Harald Barth <haba@kth.se>
- Re: multiple tgt's
  - From: Andreas Haupt <andreas.haupt@desy.de>
- Re: multiple tgt's
  - From: Jon Wilson <lists@erentil.net>

Prev by Date: Re: multiple tgt's
Next by Date: FROM BRIGHT WILLIAMS
Prev by thread: Re: multiple tgt's
Next by thread: Re: multiple tgt's
Index(es):
- Date
- Thread