timeout period for failed kdc in /etc/krb5.conf
Chris H
xtofer at mail.com
Thu Jun 9 11:47:48 EDT 2005
hi.
i'm using the MIT kerberos implementation 1.4.1 to connect samba to
active directory, as a lot of other people would be too. i have no
problems with this - it seems to work beautifully!
my question is, how nicely would it work if the domain-controller i've
specified as the KDC in my /etc/krb5.conf happens to die?
i've specified two KDCs actually:
[realms]
BLAH.BLAH.COM = {
default_domain = BLAH.BLAH.COM
kdc = 1.2.3.4
kdc = 1.2.3.5
}
if the first kdc is down, or even worse (up but malfunctioning), will
every request take longer because it's waiting for a timeout on the
first kdc?
can i specify any more options or even some nice form of loadbalancing
here?
i should be able to at least!?
and no i don't use DNS, for reasons out of my control.
Chris
More information about the Kerberos
mailing list