#700 Add option to select validate and FAST keytab principal name
Closed: Fixed None Opened 8 years ago by sgallagh.

We should default to using a keytab entry with the domain's Kerberos realm, but it should be possible to configure it to use a specific principal (possibly of another, trusted realm) for validation and setup of a FAST tunnel.


If no keytab is available it should also be possible to use anonymous pkinit instead.

Replying to [comment:1 simo]:

If no keytab is available it should also be possible to use anonymous pkinit instead.

I agree, can you open a new ticket to track this?

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.6.0

Related to #781

coverity: =>
owner: sbose => jzeleny
upgrade: => 0

Fields changed

status: new => assigned

Fixed by 8cf1b41

patch: => 0
resolution: => fixed
status: assigned => closed

Metadata Update from @sgallagh:
- Issue assigned to jzeleny
- Issue set to the milestone: SSSD 1.6.0

2 years ago

Login to comment on this ticket.

Metadata