We have users internally that want to run sometimes as a "build" user we have. In our pre-Kerberos we'd just add sudo's to their machines. We can still do this, however they obviously don't get a tgt for this build user, so they can't access any kerberized apps as this build user, without typing in the password.
Is there any method for a principle to be allowed to obtain another principle's tgt (given a valid tgt for the first principle)? A kind of sudo for tgt's (Without just leaving around keytabs). Thanks Colin Simpson Network Manager Concept Systems Ltd This email and any files transmitted with it are confidential and are intended solely for the use of the individual or entity to whom they are addressed. If you are not the original recipient or the person responsible for delivering the email to the intended recipient, be advised that you have received this email in error, and that any use, dissemination, forwarding, printing, or copying of this email is strictly prohibited. If you received this email in error, please immediately notify the sender and delete the original. ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
