Hi Rob,
local=/_kerberos-master._udp.example.com/
works like a charm. Really appreciate all the help.
Thanks and Regards,
Rahul.
/dev/rob0 wrote:
On Tue, May 04, 2010 at 03:29:27PM +0530, Rahul Amaram wrote:
Thanks a lot for your response. Please find my responses inline.
Btw, your last suggestion has helped me achieve the desired result
That's good, glad to hear it.
though I still feel it would be great to have dnsmasq return
NXDOMAIN only for a particular domain and forward the remainig
domain queries to upstream servers. For example, dnsmasq should be
configurable such that query for _kerberos-master._udp.example.com
is returned as NXDOMAIN where as queries for
_kerberos._udp.example.com and _kpasswd._udp.example.com are
forwarded to upstream server.
Something like
address=/_kerberos-master._udp.example.com/nxdomain
Actually I think this would work, but I'm not able to try it now:
local=/_kerberos-master._udp.example.com/
With no listings in /etc/hosts that should return NXDOMAIN, not
consulting upstream servers.
On Tuesday 04 May 2010 01:43 PM, /dev/rob0 wrote:
Show what Kerberos is actually looking up. Is it as you said,
_kerberos-master.udp.EXAMPLE.COM, or is is perhaps as per the
documented LDAP example, "_kerberos-master._udp.EXAMPLE.COM"?
I do not understand the difference. If the kerberos realm is
The difference is the leading underscore on the second segment,
"._udp." versus ".udp."