Changing the KDC's hostname?
Richard E. Silverman
res at qoxp.net
Wed Jan 9 23:21:01 EST 2008
>>>>> "RA" == Russ Allbery <rra at stanford.edu> writes:
RA> "bryan at virginia.edu" <catselbow at gmail.com> writes:
>> I'd like to change the hostname of my kdc, but I'm worried that
>> this will break kerberos. What steps should I take to ensure this
>> doesn't happen? I'm running MIT kerberos version 1.6.2 under
>> CentOS 5. I have a primary KDC and a backup KDC.
RA> As long as you update DNS SRV records and krb5.conf files
RA> accordingly, changing the hostname shouldn't be an issue. The
RA> Kerberos database itself doesn't care about the local hostname.
RA> -- Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
One possible side issue is kprop -- when you change the hostname you'll
have to authorize the new host principal to push the database to the
slaves (kpropd.acl).
--
Richard Silverman
res at qoxp.net
More information about the Kerberos
mailing list