[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-users] Kerberos realm mapping problem

David McBride wrote:
Can you get by without any kind of Condor-specific domain-to-Realm
mapping, and simply let the Kerberos libraries use the defaults in

I've done it now by ignoring the apparently broken CONDOR_SERVER_PRINCIPAL and doing the following:


So finally I got our Linux hosts to authenticate with the AD without having to use the map file at all.

But now I've hit another major problem when trying to get the Windows Condor clients to do the same... it looks like Condor for Windows is linked to MIT's Kerberos libraries rather than using the MS Kerberos interface, and of course our Windows systems don't have a krb5.ini or keytab file (and that's not something I'm going to be able to change).

Liam Gretton                                    L.Gretton@xxxxxxxxxxx
Computing Services                            http://www.lboro.ac.uk/
Loughborough University                       Tel: +44 (0)1509 228431
Leicestershire LE11 3TU
United Kingdom