On Thu, 2016-09-15 at 11:11 +0700, Victor Sudakov wrote:
> Dear Colleagues,
> 
> I'm trying to use a DNS TXT record to lookup domain to realm
> mappings:
> 
> $ dig +short txt _kerberos.mydomain.example
> "FOO.EXAMPLE"
> $ dig +short srv _kerberos._udp.mydomain.example
> 20 0 88 big.mydomain.example.
> 10 0 88 small.mydomain.example.
> 
> However, a Kerberos client, after correctly discovering its realm as
> "FOO.EXAMPLE", is trying to lookup _kerberos._udp.FOO.EXAMPLE etc.
> 
> Is it expected behaviour? I supposed it should be looking up
> _kerberos._udp.mydomain.example. 

Are you looking for dns_lookup_realm, not dns_lookup_kdc?

Andrew Bartlett

-- 
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

Reply via email to