I am trying to set up iprop replication for a slave KDC running on a
container in an EC2 instance in Amazon Web Services (AWS). We are
running Heimdal 1.5.2.
When the slave ipropd-slave connects to the master, it looks like the
master is doing a reverse DNS lookup on the slave's IP address and
getting one of those long Amazon addresses (e.g.,
ec2-52-45-91-42.us-west-2.compute.amazonaws.com). It then looks for the
principal "iprop/ec2-52-45-91-42.us-west-2.compute.amazonaws.com" in its
database.
We could just make the iprop principal the slave uses be
"iprop/ec2-52-45-91-42.us-west-2.compute.amazonaws.com" but the problem
with this is that the EC2 instance our slave runs on can change its IP
address at any time due to rebuilding or redeploying.
Is there anyway to get ipropd-master NOT to do this reverse DNS lookup
and just accept the principal name as sent by the slave? For example, I
would like to create a principal "iprop/testing123" and use that instead
of one based on a hostname. (We would still require that whatever
principal was sent by the slave would need to be listed in the
/var/heimdal/slaves file.)
Thanks, Adam Lewenberg
- Can ipropd-master service not do reverse DNS lo... Adam Lewenberg
-
