[31502] in Kerberos


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Ksetup and DNS SRV for X Real resolution.

daemon@ATHENA.MIT.EDU (damian crosby)
Wed Sep 23 15:01:04 2009

X-IP-MAIL-FROM: decrosby@tiscali.co.uk
From: "damian crosby" <decrosby@tiscali.co.uk>
To: <kerberos@mit.edu>
Date: Wed, 23 Sep 2009 18:56:30 +0100
Message-ID: <398094A1DFB54248B93C70C68E1B9F65@crosbyxp>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu

Hi,

When creating xrealm trusts to enable the Windows domain to locate the MIT
equivalent you typically run ksetup /addkdc Realm kdc.realm This creates an
entry in the registry which is an equivalent to the Krb5.conf file. The
Windows Kerberos SSP looks in the registry for the DNS domain name and uses
DNS to resolve this to the appropriate IP. 

Q. Instead of manually specifying the KDC's can Windows use DNS SRV records
to locate the MIT KDC as per RFC 2052? Has anyone had success with this?

Thanks.

________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[31502] in Kerberos

Ksetup and DNS SRV for X Real resolution.

daemon@ATHENA.MIT.EDU (damian crosby)Wed Sep 23 15:01:04 2009

daemon@ATHENA.MIT.EDU (damian crosby)
Wed Sep 23 15:01:04 2009