I thank everyone for their help, but perhaps I need to be more specific. I am a contractor for a large government agency tasked with writing an application and I would like to use Kerberos against a Windows 2000 Active Directory service for authentication purposes. The domain controllers are maintained by a competing contract firm that either through spite or ignorance refuse to answer my questions. The application is written in Java and uses the Java Authentication and Authorization Service to contact Kerberos. When tested against a Win2k domain that I control, I can pass it the domain name, the KDC host name, a user name and password and receive authorization from the server. However, when I pass JAAS any KDC name other than the host name (i.e. _kerberos._tcp.DOMAIN.TLD, which is specified in the netlogon.dns file on the domain controller as a mapping), the JAAS throws an UnknownHostException. So in order to deploy my application to the agency as a whole, I somehow need to discover a KDC host name within a domain that I do not control. Is there a mechanism that can do this for me?
[EMAIL PROTECTED] (Joe) wrote in message news:<[EMAIL PROTECTED]>... > How does one discover a Kerberos KDC through DNS? Several people I > have spoken with say it is possible, but when I ask them _how_ to do > it they give me a blank look. All of the online resources I have > looked at are geared to administration rather than application > development, and as such are less than helpful. ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] http://mailman.mit.edu/mailman/listinfo/kerberos
