Hi, We try to unify authentification between two departements in our university. The two departments have their own kdc, so cross realm should be the more interesting thing. What I have understand, is that a client from site A with a TGT from A can ask for a cross realm TGT for B site and access to all SSOised application to B. But suppose that a user from site A go to site B. How can he authentificate on a machine from site B (linux/windows computers using kdc B authentification)? does cross realm permit such things? Or should this user have an account on site B to?
Thank's for your help Regards, Hubert ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos