On Thu, 2016-09-15 at 11:11 +0700, Victor Sudakov wrote:
> Dear Colleagues,
> I'm trying to use a DNS TXT record to lookup domain to realm
> $ dig +short txt _kerberos.mydomain.example
> $ dig +short srv _kerberos._udp.mydomain.example
> 20 0 88 big.mydomain.example.
> 10 0 88 small.mydomain.example.
> However, a Kerberos client, after correctly discovering its realm as
> "FOO.EXAMPLE", is trying to lookup _kerberos._udp.FOO.EXAMPLE etc.
> Is it expected behaviour? I supposed it should be looking up
Are you looking for dns_lookup_realm, not dns_lookup_kdc?
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba