To define foreign REALM commands to your Kerberos configuration file use:
/etc/skrb/krb5.conf
Foreign realm definitions are placed after the first realm section entry (which defines the Kerberos local realm). While the SDT REALM for the local realm is fixed as KERBDFLT, the administrator must select an 8‑character label for the REALM which identifies it to CA Top Secret. Foreign REALMNAME is specified differently than local realms, as this operand represents a Kerberos trust relationship:
/…/local_realm/krbtgt/foreign_realm /…/foreign_realm/krbtgt/local_realm
The ellipsis characters (…) are part of the Kerberos naming syntax. The two entries are necessary for the trust relationship and each entry has a different password. A pair of commands is required to define each direction of the Kerberos trust relationship at each local copy of CA Top Secret.
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|