how is this substitution string working?
I am working with kerberos configuration (specifically the krb5.conf file)
and there is a specific section called auth_to_local mappings and it is
defined here:
http://web.mit.edu/Kerberos/krb5-1.9/krb5-1.9.5/doc/krb5-admin.html
A typical mapping entry looks like this:
auth_to_local = RULE:[1:$0\$1](^DOMAIN\.COM\\.*)s/^DOMAIN\.COM/DOMAIN/
The man page states the exact syntax, but basically the above line would
look for a UPN like:
user@DOMAIN.COM and convert it to DOMAIN.COM\user and see if it can match
DOMAIN.COM and if so, substitute in just DOMAIN. So, end result would be
DOMAIN\user.
However, we have an entry (that works) in this format:
auth_to_local = RULE:[1:$0\$1](^DOMAIN\.COM\\.*)s/^DOMAIN\.COM\\//
Seemingly, it is substituting the DOMAIN.COM with some kind of null value,
but I can't decode what this "\\//" syntax means.
I'm not sure if this rule uses standard sed type syntax to
substitute...can someone wager some guesses as to the interpretation of
this?
No comments:
Post a Comment