[32962] in Kerberos
Kerberize Webserver outside our domain
daemon@ATHENA.MIT.EDU (Andreas Bruckmeier)
Wed Dec 15 02:44:47 2010
From: "Andreas Bruckmeier" <dev@bruckmeier.org>
To: <kerberos@mit.edu>
Date: Wed, 15 Dec 2010 08:44:09 +0100
Message-ID: <001601cb9c2b$dc29e110$947da330$@org>
MIME-Version: 1.0
Content-Language: de
Content-Type: text/plain; charset="iso-8859-1"
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit
Hi all,
we will set up a new domain in our office using a windows server with active
directory and itīs Kerberos component.
In a test environment we where able to kerberize a local webserver with
mod_auth_kerb.
Now I have the question if it is possible to also kerberize a public
webserver standing outside our office, maybe with the webserver connected
via VPN for KDC-connections.
Is this possible and is this the main purpose of the domain_realm mapping?
If not, how could we solve this in a good way?
For example:
Local office domain -> company.lan -> Realm: COMPANY.LAN
The external webserver -> something.de -> Domain-Realm-Mapping:
.something.de = COMPANY.LAN
Best regards
Andi
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
