| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
From: Ken Raeburn <raeburn@MIT.EDU> To: Matthew.GARRETT@external.total.com In-Reply-To: <OF0DD75CC8.00B0AA56-ON8025757E.005A11A8-8025757E.005C07CC@total.com> Message-Id: <3ED72BA0-5F04-4355-8658-4C29F9381FE3@mit.edu> Mime-Version: 1.0 (Apple Message framework v930.3) Date: Thu, 19 Mar 2009 15:52:23 -0400 Cc: kerberos@MIT.EDU Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: kerberos-bounces@MIT.EDU On Mar 19, 2009, at 12:45, Matthew.GARRETT@external.total.com wrote: > DNS both forward and reverse work fine for the Slave KDC By "work fine", do you mean that when you look up hutch.uk.ad.ep.corp.local you get an address (or more than one), and when you look up that address, you get back the name hutch.uk.ad.ep.corp.local? Or do you just mean you get a name back? In the default configuration of the MIT code, the name you get back from looking up the address is generally the name that'll be used in constructing a principal name. Does your config file or DNS data indicate that hutch.uk.ad.ep.corp.local is in UK.AD.EP.CORP.LOCAL? Check the log file on the KDC. It should indicate some kprop/* principal being looked up if the host name is coming out wrong, or possibly some krbtgt/* principal if it's coming up with the wrong realm name. Ken ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |