Windows not using SRV rr's to locate KDCs
Richard E. Silverman
res at qoxp.net
Sat Feb 2 20:59:24 EST 2008
I have an AD realm, FOO.COM, and an MIT realm, UNIX.FOO.COM, with two-way
trust between them. I am using kerberized services on hosts in the UNIX
realm from Windows XP clients. If I explicitly list KDCs with ksetup
thus:
> ksetup /addkdc UNIX.FOO.COM kdc.unix.foo.com
... it works. However, the ksetup documentation says that if I omit the
KDC:
> ksetup /addkdc UNIX.FOO.COM
... Windows should use SRV records to locate the KDCs. It's not doing
that. I have snooped network traffic on the client; it is not doing any
DNS lookups for SRV records at all.
Any help?
Thanks,
--
Richard Silverman
res at qoxp.net
More information about the Kerberos
mailing list