[24056] in Kerberos
timeout period for failed kdc in /etc/krb5.conf
daemon@ATHENA.MIT.EDU (Chris H)
Thu Jun 9 15:53:59 2005
From: "Chris H" <xtofer@mail.com>
Date: 9 Jun 2005 08:47:48 -0700
Message-ID: <1118332068.210846.252410@g43g2000cwa.googlegroups.com>
To: kerberos@mit.edu
Errors-To: kerberos-bounces@mit.edu
hi.
i'm using the MIT kerberos implementation 1.4.1 to connect samba to
active directory, as a lot of other people would be too. i have no
problems with this - it seems to work beautifully!
my question is, how nicely would it work if the domain-controller i've
specified as the KDC in my /etc/krb5.conf happens to die?
i've specified two KDCs actually:
[realms]
BLAH.BLAH.COM = {
default_domain = BLAH.BLAH.COM
kdc = 1.2.3.4
kdc = 1.2.3.5
}
if the first kdc is down, or even worse (up but malfunctioning), will
every request take longer because it's waiting for a timeout on the
first kdc?
can i specify any more options or even some nice form of loadbalancing
here?
i should be able to at least!?
and no i don't use DNS, for reasons out of my control.
Chris
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
