So how would one handle "out of domain principals" ? example: you have an internal domain: internal.ipa and an external domain: company.com
You have a host that is external so it's hostname is host.company.com You want to kerberize the webserver that runs on that host and access it by it's "real" fqdn host.company.com. Do you create different principals for the different services then? like host/host.internal....@internal.ipa and for the webserver http/host.company....@internal.ipa And make sure there are SRV/TXT records for the INTERAL.IPA in the company.com domain?
_______________________________________________ Freeipa-users mailing list Freeipaemail@example.com https://www.redhat.com/mailman/listinfo/freeipa-users