How to Provide Credential Mapping Between Realms
This procedure provides appropriate credential mapping between realms
that use the same password file. In this example, the realms CORP.EXAMPLE.COM and SALES.EXAMPLE.COM use the same password
file. The credentials for bob@CORP.EXAMPLE.COM and bob@SALES.EXAMPLE.COM are mapped to the same UID.
-
Become superuser.
-
On the client system, add entries to the krb5.conf file.
# cat /etc/krb5/krb5.conf
[libdefaults]
default_realm = CORP.EXAMPLE.COM
.
[realms]
CORP.EXAMPLE.COM = {
.
auth_to_local_realm = SALES.EXAMPLE.COM
.
}
|
Example 23–4 Mapping Credentials Between Realms Using the Same Password File
This example provides appropriate credential mapping between realms
that use the same password file. In this example, the realms CORP.EXAMPLE.COM and SALES.EXAMPLE.COM use the same password
file. The credentials for bob@CORP.EXAMPLE.COM and bob@SALES.EXAMPLE.COM are mapped to the same UID. On the client system, add entries to
the krb5.conf file.
# cat /etc/krb5/krb5.conf
[libdefaults]
default_realm = CORP.EXAMPLE.COM
.
[realms]
CORP.EXAMPLE.COM = {
.
auth_to_local_realm = SALES.EXAMPLE.COM
.
}
|
Troubleshooting
See Observing Mapping from GSS Credentials to UNIX Credentials to help with the process of troubleshooting credential
mapping problems.
以 PDF 格式下載這本書 (4851 KB)