[36667] in Kerberos
Re: Fail over in krb5.conf to next listed KDC entry?
daemon@ATHENA.MIT.EDU (Greg Hudson)
Tue Dec 9 13:22:20 2014
Message-ID: <54873D9D.1040900@mit.edu>
Date: Tue, 09 Dec 2014 13:21:17 -0500
From: Greg Hudson <ghudson@mit.edu>
MIME-Version: 1.0
To: kerberos@mit.edu
In-Reply-To: <CALNT6MVwkD2+LJdsvM7NgqHSm0fhR82Lfhi-HgOW9UJ7DtsF6Q@mail.gmail.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
On 12/09/2014 12:20 AM, Todd Grayson wrote:
> Is there a configurable timeout value that can be set in the krb5.conf to
> tell a client how long to wait for a response from a KDC before failing
> over to the next listed kdc entry for a specific REALM in the [realms]
> section of the krb5.conf?
No, and I don't believe we have ever supported a krb5.conf variable for
this.
> Is that kdc_timeout parameter only for sun/oracle's solaris SEAM
> implementation of kerberos?
>
> Or is only the java JGSS implementation recognizing this kdc_timeout value?
It doesn't look like the Solaris C implementation of Kerberos supports a
kdc_timeout config variable. I don't know about JGSS. Heimdal does
appear to support it.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
