Kyle McDonald wrote: > Shawn M Emery wrote: >> Typically host names are not mixed case. Is it possible for you to >> just set /etc/nodename and the hostname to just "keymaster"? > I guess so. > > Reading the docs implied that all hostnames were converted to > lowercase before being used by kerberos, no matter how DNS was > configured. I'm not sure why mixed case was selected at this site, but > I've seen it before many places. Since DNS is case insensitive, and > case preserving, (Similiar to NTFS/CIFS) it's never broken things for > me before. > > So you think it's the kernel's idea of the hostname that matters, not > DNS's? That's the easiest to change. I'll give it a try. > > Thanks.
Also the doc say that not only is it OK, but it is actually suggest using the CNAME entry in DNS, *and* in the kerberos Config files, not the canonical hostname. Is that also true? Do the CNAME's need principals created? Running 'krb5_util' seems to have created the principal for 'kiprop/keymaster.releng.egenera.com at RELENG.EGENERA.COM' (the hostname you suggested above,) so what is the purpose of creating the kiprop principal the docs have me make? should that be 'keymaster' or is that principal supposed to be for the CNAME 'kdc0'? This is one thing I always find frustrating about Sun's docs (and 'Task Maps'.) While they lead you through all the basic steps, they never explain why each step is done, what effect the change has or what other options or alternatives (variables) you might want to do instead. -Kyle
