[Freeipa-users] Two kerberos realms for same domainname?
Johnny Westerlund
johnny.westerlund at atea.se
Wed May 8 19:54:59 UTC 2013
So how would one handle "out of domain principals" ?
example:
you have an internal domain: internal.ipa
and an external domain: company.com
You have a host that is external so it's hostname is host.company.com
You want to kerberize the webserver that runs on that host and access it by
it's "real" fqdn host.company.com.
Do you create different principals for the different services then?
like host/host.internal.ipa at INTERNAL.IPA
and for the webserver http/host.company.com at INTERNAL.IPA
And make sure there are SRV/TXT records for the INTERAL.IPA in the company.com domain?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20130508/d9dbf535/attachment.htm>
More information about the Freeipa-users
mailing list