Do you mean:
a) 1 user accessing services authenticated via 2 separate Kerberos systems?
b) Kerberos systems co-operating, such that 1 system will accept user
credentials issued by the other?
The former is really easy. The user can authenticate with multiple kerberos
realms quite easily, just by specifying different ticket caches when using kinit
(I open a new session and set KRB5CCNAME).
The latter is cross-realm authentication and requires joint-administrative
fiddling to setup.
I think you mean the former, which is not a problem at all.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds