principal name containing domain

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

principal name containing domain

Bin Lu
Hi,

I created a principal with user name containing the domain name (in format of <domainname>\<username>) using krb5_parse_name(). But when I converted it back using krb5_unparse_name(), the backslash ("\") is disappeared and the name became <domainname><username>.

What is the right way to pass the username with domain name in the principal?

Thanks,
-binlu
_______________________________________________
krbdev mailing list             [hidden email]
https://mailman.mit.edu/mailman/listinfo/krbdev
Reply | Threaded
Open this post in threaded view
|

RE: principal name containing domain

Bin Lu
If I pass in "domain\\username", the converted principal name is "domainusername"; but if I pass in "domain\\\\username", the converted name becomes "domain\\username" (double backslash).

-binlu

-----Original Message-----
From: [hidden email] [mailto:[hidden email]] On Behalf Of Bin Lu
Sent: Saturday, October 11, 2014 4:23 PM
To: [hidden email]
Subject: principal name containing domain

<html>
Hi,

I created a principal with user name containing the domain name (in format of <domainname>\<username>) using krb5_parse_name(). But when I converted it back using krb5_unparse_name(), the backslash ("\") is disappeared and the name became <domainname><username>.

What is the right way to pass the username with domain name in the principal?

Thanks,
-binlu
_______________________________________________
krbdev mailing list             [hidden email]
https://urldefense.proofpoint.com/v2/url?u=https-3A__mailman.mit.edu_mailman_listinfo_krbdev&d=AAICAg&c=V9IgWpI5PvzTw83UyHGVSoW3Uc1MFWe5J8PTfkrzVSo&r=OoT5VLtV-av2TWtGCL3lvAfjqGLD0FLH3lQvyqxLjdc&m=D-rZsByP7NVd16naSqKGL4D2B9gQISUUiXJpgbHOMik&s=DZH50tlxgAw8P7vmOKgK49f8ThRv3mVHi4pMJQxul-k&e= 

_______________________________________________
krbdev mailing list             [hidden email]
https://mailman.mit.edu/mailman/listinfo/krbdev
Reply | Threaded
Open this post in threaded view
|

RE: principal name containing domain

Benjamin Kaduk-2
I am very confused about what the ultimate goal of this process.

There is a common idiom to have what are called "host-based service
principals" (e.g., imap/[hidden email]), and
handling the corresponding DNS resolution of the hostname, etc..

The above principal name is a name with two "components", separated by the
forward slash '/' for the text representation.  In many data structures,
the '/' is not present, and the components are represented as (e.g.)
separate C strings.

I do not think there is any convention at all involving the use of
backward slashes '\' in principal names.  I am very surprised to see an
attempt to use them, and very not surprised that aspects of attempting to
use them are not working as expected.

-Ben Kaduk

On Sat, 11 Oct 2014, Bin Lu wrote:

> If I pass in "domain\\username", the converted principal name is "domainusername"; but if I pass in "domain\\\\username", the converted name becomes "domain\\username" (double backslash).
>
> -binlu
>
> -----Original Message-----
> From: [hidden email] [mailto:[hidden email]] On Behalf Of Bin Lu
> Sent: Saturday, October 11, 2014 4:23 PM
> To: [hidden email]
> Subject: principal name containing domain
>
> <html>
> Hi,
>
> I created a principal with user name containing the domain name (in format of <domainname>\<username>) using krb5_parse_name(). But when I converted it back using krb5_unparse_name(), the backslash ("\") is disappeared and the name became <domainname><username>.
>
> What is the right way to pass the username with domain name in the principal?
>
> Thanks,
> -binlu
> _______________________________________________
> krbdev mailing list             [hidden email]
> https://urldefense.proofpoint.com/v2/url?u=https-3A__mailman.mit.edu_mailman_listinfo_krbdev&d=AAICAg&c=V9IgWpI5PvzTw83UyHGVSoW3Uc1MFWe5J8PTfkrzVSo&r=OoT5VLtV-av2TWtGCL3lvAfjqGLD0FLH3lQvyqxLjdc&m=D-rZsByP7NVd16naSqKGL4D2B9gQISUUiXJpgbHOMik&s=DZH50tlxgAw8P7vmOKgK49f8ThRv3mVHi4pMJQxul-k&e=
>
> _______________________________________________
> krbdev mailing list             [hidden email]
> https://mailman.mit.edu/mailman/listinfo/krbdev
>
_______________________________________________
krbdev mailing list             [hidden email]
https://mailman.mit.edu/mailman/listinfo/krbdev