Date: | Mon, 25 Jan 2021 08:23:30 +0000 |
To: | "krb5-bugs@mit.edu" <krb5-bugs@mit.edu> |
From: | "Ulf Bremer" <ubremer@juniper.net> |
Subject: | Documentation__krb5.conf |
Hi,
I can't get my head around how the following can be consistent / right:
"
[domain_realm]
The [domain_realm] section provides a translation from a domain name or hostname to a Kerberos realm name. The tag name can be a host name or domain name, where domain names are indicated by a prefix of a period (.).
...
[domain_realm]
crash.mit.edu = TEST.ATHENA.MIT.EDU < --- according to the above a host
.dev.mit.edu = TEST.ATHENA.MIT.EDU < --- according to the above a domain
mit.edu = ATHENA.MIT.EDU < --- according to the above a _host_
... dev.mit.edu ... is matched by the third entry, which maps the host mit.edu and _all hosts under the domain mit.edu_ ... into the realm ATHENA.MIT.EDU.
"
How can a non-domain (as it doesn't start with a . ) apply to "all hosts under the domain"? Any clarification would be much appreciated.
Regards
Ulf
Juniper Business Use Only
I can't get my head around how the following can be consistent / right:
"
[domain_realm]
The [domain_realm] section provides a translation from a domain name or hostname to a Kerberos realm name. The tag name can be a host name or domain name, where domain names are indicated by a prefix of a period (.).
...
[domain_realm]
crash.mit.edu = TEST.ATHENA.MIT.EDU < --- according to the above a host
.dev.mit.edu = TEST.ATHENA.MIT.EDU < --- according to the above a domain
mit.edu = ATHENA.MIT.EDU < --- according to the above a _host_
... dev.mit.edu ... is matched by the third entry, which maps the host mit.edu and _all hosts under the domain mit.edu_ ... into the realm ATHENA.MIT.EDU.
"
How can a non-domain (as it doesn't start with a . ) apply to "all hosts under the domain"? Any clarification would be much appreciated.
Regards
Ulf
Juniper Business Use Only