Loading...
 

Excursus to principals

Excursus to principals


Kerberos objects that can be authenticated are called principals. Principals consist of three parts:
primary/instance@realm

We already know what a realm is (or could be), but what are primary and instance? From the manpage of kerberos we learn, that the primary is usually a username or a service. The instance is usually null in case of a username, then the principal can be written as:
username@realm

In our case the instance is admin which denotes that we only want to select users that are in a "privileged instance". In case of a service, the instance is usually a hostname:
service/hostname@realm

Created by system. Last Modification: Friday 30 of September, 2005 22:05:01 GMT-0000 by admin.

Flattr me!