Hello,
my example may be uncommon, but imagine an application which is not
kerberized
wants to use the passwords of a KDC for user authentication.
To make the situation even more special, assume the principal is stored in
a KDC which only can be accessed via cross realm trust.
------------ ------------
KDC A KDC B
Realm: A.COM <---trust ---> Realm: B.COM
------------ ------------
--------------
host.other.com
--------------
Let the application be kinit, for example:
Now, assume the user's password is stored in realm B.COM and the user at
host.other.com is only able to access KDC A. Is it possible to get
host.other.com: $ kinit [email protected]
working?
Sonja
________________________________________________
Kerberos mailing list [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos
