[31078] in Kerberos
RE: cannot kinit to AD realm using alternative dns name
daemon@ATHENA.MIT.EDU (Mchugh, Sean)
Fri May 8 10:55:03 2009
X-Barracuda-Envelope-From: SMchugh@grey.com
Content-class: urn:content-classes:message
MIME-Version: 1.0
Date: Fri, 8 May 2009 10:55:30 -0400
Message-ID: <DDC42FE5FB7EFA489717B14AB2AAB36D04128675@ex-777-02.ggg.grey.global>
In-Reply-To: <4A043ED4.3040800@anl.gov>
From: "Mchugh, Sean" <SMchugh@grey.com>
To: "Douglas E. Engert" <deengert@anl.gov>
Cc: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Douglas E. Engert [mailto:deengert@anl.gov] wrote:
>
>
[..]
>
> Correct, Kerberos principals are case sensitive, (but Windows and DNS
> are insensitive.)
> So you realm name is GGG.LOCAL so must be upper case.
>
> > But not with: username@grey.com _or_ username@ggg.local ; error
message ...
thanks for the clarification. I was under the impression that
applications use [domain_realm] mappings
to translate the RHS of the userprincipalname to ucase or map the dns
domain. After re-reading the
man page section I understand the purpose now.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
