[krbdev.mit.edu #8948] DNS SRV query for _kpasswd._tcp.REALM

Wed Sep 16 18:11:46 EDT 2020

Wed Sep 16 18:11:46 2020: Request 8948 was acted upon.
 Transaction: Ticket created by dilyan.palauzov at aegee.org
       Queue: krb5
     Subject: DNS SRV query for _kpasswd._tcp.REALM
       Owner: Nobody
  Requestors: dilyan.palauzov at aegee.org
      Status: new
 Ticket <URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=8948 >

Hello,

kadmind listens to both TCP and UDP ports 749 and 464 (four ports).

KRB5_TRACE=/tmp/a kpasswd prints:

[11482] 1600291290.023827: Sending DNS SRV query for
_kpasswd._udp.REALM.
[11482] 1600291290.023828: Sending DNS SRV query for
_kpasswd._tcp.REALM.
[11482] 1600291290.023829: No SRV records found
[11482] 1600291290.023830: Sending DNS URI query for _kerberos-
adm.REALM.
[11482] 1600291290.023831: No URI records found
[11482] 1600291290.023832: Sending DNS SRV query for _kerberos-
adm._tcp.REALM.
[11482] 1600291290.023833: No SRV records found

https://web.mit.edu/kerberos/www/krb5-latest/doc/admin/realm_config.html talks about _kerberos-adm._tcp and _kpasswd._udp, but not about
_kpasswd._TCP.

Please verify whether _kpasswd._TCP is used and document it.

Regards
  Dilyan