Hi there. I have a mac os server running MIT krb5 v1.7 ; it's been working great for a while now. The realm used is M.DOMAIN.COM
I am in the process of setting up a Windows 2008 server with Active Directory. The name of the new domain will be MEL.DOMAIN.COM I'm trying to understand how I can configure the MIT kerberos server to accept realm coming from AD. I have read the MIT documentation and created on both kdc krbtgt/[email protected] krbtgt/[email protected] I then edited the kerberos krb5.conf with the appropriate capaths and configured AD to accept M.DOMAIN.COM issued tickets. What I'm unclear about however, is do I need to configure all kerberos clients in a similar fashion or is this done only on the 2 kdcs ? In particular, I have a FreeBSD server running MIT krb5 1.9 with mod_auth_kerb . It is set to accept M.DOMAIN.COM realm . Do I need to explicitely configures it to accept MEL.DOMAIN.COM realm, or because the two kdcs are configured to accept each other it will then be automatic ? Thank you Jean-Yves ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
