Reading KDCs from DNS (multiple domain controlers and KDCs)
Pawe?
paci at w.pl
Mon Apr 18 09:15:40 EDT 2005
I need to support configuration with many Domain Controlers. I found
that I can enter many KDCs in krb5.conf file f.e.:
[realms]
XYZ.INTERNAL.COM = {
kdc = s1.xyz.internal.com:88
kdc = s2.xyz.internal.com:88
}
Is it correct ?
I've heard that it is possible to read all domain controlers (and
kerberos KDCs) from DNS. Could you tell me how to do it ? I found
parameter dns_lookup_kdc which is set krb5.conf file. May be it is the
one used for that purpose ?
Configuration:
KDC: Windows 2000 domain
User to be authenticated from: PC workstation with Oracle 9.2 with
Advanced Security on Windows 2000 or XP
Service principal for: Oracle 9.2 with Advanced Security database on
True64 unix v. 5.1
I will be thankfull for any help.
Best regards,
Pawel Ciborski
More information about the Kerberos
mailing list