define own SRV-record
Jeffrey Hutzelman
jhutz at cmu.edu
Wed Feb 26 13:46:09 EST 2025
No; the names of these records are fixed by the standards. You can
hand-configure the server names in krb5.conf instead of using DNS SRV
records. However, even then, your Kerberos realm should not have the same
name as a Windows domain -- that's essentially having two realms with the
same name, which will not work out well.
On Wed, Feb 26, 2025, 13:40 Stefan Kania <stefan at kania-online.de> wrote:
> Hi to all,
>
> I'm having the following problem:
>
> I set up an openldap with kerberos, now I want to add the srv-records
> for Kerberos, but as DNS-Server we MUST use a DNS-Server from Active
> Directory. So I can't add a srv-record _kerberos._tcp, because the
> domain controller of the AD are keeping these records. So I would like
> to add my own srv-record like _olkerberos._tcp so that I can use these
> srv-records for krb5.conf. I'm already doing this for sssd, because
> there I can configure the name of the srv-record. Can I do the same in
> krb5.conf? If yes what do I have to do?
>
> Thanks
>
> Stefan
>
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
More information about the Kerberos
mailing list