So how would one handle "out of domain principals" ?
example:

you have an internal domain: internal.ipa
and an external domain: company.com

You have a host that is external so it's hostname is host.company.com
You want to kerberize the webserver that runs on that host and access it by
it's "real" fqdn host.company.com.

Do you create different principals for the different services then?
like host/host.internal....@internal.ipa
and for the webserver http/host.company....@internal.ipa

And make sure there are SRV/TXT records for the INTERAL.IPA in the company.com 
domain?


_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to