Indiana University
University Information Technology Services
  
What are archived documents?
Login>>
Login

Login is for authorized groups (e.g., UITS, OVPIT, and TCC) that need access to specialized Knowledge Base documents. Otherwise, simply use the Knowledge Base without logging in.

Close

At IU, what Kerberos realms are in use?

There is currently only one Kerberos realm at Indiana University, ADS.IU.EDU. This domain is provided by Indiana University's Active Directory services on Windows Server operating systems. Any Kerberos-authenticated service can reside in this realm.

Restricting access to services by campus

Kerberos should be used only for authentication, not authorization. To allow only users from a particular campus to access a service, for example, you can't rely on Kerberos alone. In other words, you can use the ADS.IU.EDU Kerberos realm to determine whether users are who they say they are, but use some other service to determine what those users are allowed to access, such as an Active Directory security group.

For more, see In Microsoft Active Directory, what are security and distribution groups?

This is document alje in domain all.
Last modified on October 22, 2009.

Comments/Questions/Corrections

Use this form to offer suggestions, corrections, and additions to the Knowledge Base. We welcome your input!

If you are affiliated with Indiana University and would like assistance with a specific computing problem, please use the Ask a Consultant form, or contact your campus Support Center.

Contact Information

Note: We will reply to your comment at this address. If your message concerns a problem receiving email, please enter an alternate email address.