[Freeipa-users] Two kerberos realms for same domainname?
Johnny Westerlund
johnny.westerlund at atea.se
Wed May 8 16:41:26 UTC 2013
Hi all
I'm planning implementing a IPA server at a site where there is allready a working Active directory domain.
I would still like the machines from AD and IPA live in the same DNS domain.
Example.
AD Domainname = foo.bar
AD KERBEROS realm = FOO.BAR
a Host principal would look like: host/host1.foo.bar at FOO.BAR
Now i would like to introduce the IPA server under a different realm name but for the same DNS name.
IPA domainname = foo.bar
IPA KERBEROS realm = LINUX.FOO.BAR (or what ever)
a Host principal would look like: host/host2.foo.bar at LINUX.FOO.BAR
So basicly i would register the hostnames / PTR records in the microsoft DNS and use the IPA kerberos REALM for authentication.
Am i making any sense? is this asking for a world of hurt?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20130508/80a0956b/attachment.htm>
More information about the Freeipa-users
mailing list