PreviousNext

Realms and Cells

In Kerberos, a realm defines an administrative boundary and has a unique name. A realm consists of the KDC and all the security clients (application servers and application clients) registered to that KDC.

When using the DCE Security Server as a KDC, the term "cell'' is used. A cell is roughly equivalent to a realm.

By convention, Kerberos uses uppercase realm names, which appear as suffixes in principal names such as david@MYREALM.COM.

A DCE cell name must be lowercase and have a prefix of leading /.../ in a principal name, such as /.../my_kdc_cell.com/david.