#700 Add option to select validate and FAST keytab principal name
Closed: Fixed None Opened 10 years ago by sgallagh.

We should default to using a keytab entry with the domain's Kerberos realm, but it should be possible to configure it to use a specific principal (possibly of another, trusted realm) for validation and setup of a FAST tunnel.


If no keytab is available it should also be possible to use anonymous pkinit instead.

Replying to [comment:1 simo]:

If no keytab is available it should also be possible to use anonymous pkinit instead.

I agree, can you open a new ticket to track this?

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.6.0

Related to #781

coverity: =>
owner: sbose => jzeleny
upgrade: => 0

Fields changed

status: new => assigned

Fixed by 8cf1b41

patch: => 0
resolution: => fixed
status: assigned => closed

Metadata Update from @sgallagh:
- Issue assigned to jzeleny
- Issue set to the milestone: SSSD 1.6.0

3 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/1742

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata