Welcome to the most active Linux Forum on the web.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 11-06-2008, 02:58 PM   #1
LQ Newbie
Registered: Jul 2005
Posts: 2

Rep: Reputation: 0
kerberos authentication for multiple realms

I've found a lot of documentation on setting up kerberos servers for multiple realms, but nothing about setting up the clients.

Our corporate setup, based on active directory, has multiple realms for users, by country.


and so on. If you log into a windows box, there is the default domain for your region, but you can always prefix your login name with your region and get in on any machine. FR\GEORGE

Under linux, you can log in with your username, but there doesn't seem to be a way to pass your region identifier, to allow kerberos authentication to work. What you see in the security log is something like this; (for a user from a non-FR domain) - US\username

Nov 6 11:26:41 host23 sshd[21959]: pam_krb5[21959]: authentication fails for 'username' (username@FR.EXAMPLE.COM): User not known to the underlying authentication module (Client not found in Kerberos database)

krb5.conf looks like this;
kdc =
admin_server =
default_domain =

Is there anyway to tell the client to try alternative domains?
Old 11-19-2008, 12:54 PM   #2
Registered: Dec 2004
Location: Raleigh, NC
Distribution: CentOS 2.6.18-53.1.4.el5
Posts: 770

Rep: Reputation: 43
have you tried this?

ssh FR+username@FR.EXAMPLE.COM
Old 11-20-2008, 12:02 PM   #3
LQ Newbie
Registered: Jul 2005
Posts: 2

Original Poster
Rep: Reputation: 0
Originally Posted by ncsuapex View Post
have you tried this?
It does not seem to make any difference.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
NFSver4 with Kerberos Authentication lakshminarayan Linux - Security 0 08-16-2006 05:20 AM
Kerberos Authentication Comatose51 Linux - Security 2 08-30-2005 06:44 AM
Kerberos Authentication cwinter00 Linux - Security 1 06-16-2005 12:56 PM
Samba Kerberos Authentication SNunweiler Linux - Networking 7 08-25-2004 10:27 AM
Authentication via Kerberos grubjo Linux - Security 0 07-30-2004 11:48 AM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 03:28 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration