clarify meaning of dns_lookup_kdc?
Jerry Shipman
jes59 at cornell.edu
Fri Nov 8 14:58:33 EST 2019
Hello,
Can you clarify for me exactly what dns_lookup_kdc does?
I am trying to help a user debug something. The user's config file has
dns_lookup_kdc=false
under [libdefaults]
and then does not specify any realms under [realms].
To my intuition, it should mean that nothing works at all.
But experimentally, it does work.
Doing some tcpdumping, I can see it do a DNS lookup to find the KDCs, even though dns_lookup_kdc is set false.
Perhaps the dns_lookup_kdc only affects realms that are defined in your [realms] section?
Thank you for your help,
Jerry
More information about the Kerberos
mailing list