Managing Kerberos and Other Authentication Services in Oracle® Solaris 11.2

Exit Print View

Updated: August 2014

How to Provide Credential Mapping Between Realms

This procedure provides appropriate credential mapping between realms that use the same password file. In this example, the realms CORP.EXAMPLE.COM and SALES.EXAMPLE.COM use the same password file. The credentials for username@CORP.EXAMPLE.COM and username@SALES.EXAMPLE.COM are mapped to the same UID.

Before You Begin

You must assume the root role. For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.2 .

  • On the client system, add default_realm and auth_to_local_realm entries to the krb5.conf file.
    # pfedit /etc/krb5/krb5.conf
    default_realm = CORP.EXAMPLE.COM
    auth_to_local_realm = SALES.EXAMPLE.COM


For help with troubleshooting credential mapping problems, see Observing Mapping From GSS Credentials to UNIX Credentials.