[30652] in Kerberos
Re: MIT kadmin not using DNS
daemon@ATHENA.MIT.EDU (Julius)
Mon Jan 26 22:51:36 2009
From: Julius <commercials@gmx.net>
To: kerberos@mit.edu
Date: Tue, 27 Jan 2009 04:51:30 +0100
Message-Id: <1233028290.6414.6.camel@wf>
Mime-Version: 1.0
Cc: "Richard E. Silverman" <res@qoxp.net>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
On Mon, 2009-01-26 at 19:45 -0500, Richard E. Silverman wrote:
> A (I hope) quick question: I see claims in various places (including
the
> O'Reilly Kerberos book), that kadmin will use DNS SRV records to
locate the
> admin server -- but it doesn't seem to. The Solaris derivative *does*
do
> this, and works for us, but running MIT kadmin in the same environment
> requires the admin_server parameter in krb5.conf.
>
> Any ideas?
>
This works for heimdal
/etc/dnsmasq.conf:
domain=localdomain.de
srv-host=_kerberos-adm._udp,night_crawler.localdomain.de,88
srv-host=_kerberos-adm._tcp,night_crawler.localdomain.de,88
srv-host=_kerberos-adm._tls._tcp,night_crawler.localdomain.de,88
srv-host=_kerberos._udp.LOCALDOMAIN.DE,night_crawler.localdomain.de,88
srv-host=_kerberos._tcp.LOCALDOMAIN.DE,night_crawler.localdomain.de,88
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
