Managing Kerberos and Other Authentication Services in Oracle® Solaris 11.2

Exit Print View

Updated: August 2014
 
 

Map GSS Credentials to UNIX Credentials

The default mapping algorithm uses the primary name of the Kerberos principal to look up the UID. The lookup occurs in the default realm or any realm that is allowed by the auth_to_local_realm parameter in the /etc/krb5/krb5.conf file. For example, the user principal name jdoe@EXAMPLE.COM is mapped to the UID of the UNIX user named jdoe by using the password table. The user principal name jdoe/admin@EXAMPLE.COM is not mapped because the principal name includes the admin instance component.