Hi all,
Please help me understand how I should order the
client's list of KDC's it can contact in the krb5.conf file.
I have:
[realms]
YADDA.WASHINGTON.EDU = {
kdc = kdc.yadda.washington.edu
kdc = kdc1.yadda.washington.edu
kdc = kdc2.yadda.washington.edu
admin_server = kdc1.yadda.washington.edu
default_domain = yadda.washington.edu
krb524_server = kdc1.yadda.washington.edu
}
NOTE: kdc.yadda.washington.edu points to the master, which is
kdc1.yadda.washington.edu
but I have MANY clients which will need to set up to use
kerberos, and kdc1 and kdc2 are on different subnets.
Should I put the kdc that is the closest (fewest hops, or local)
first in the list? or should I always put the master server first,
regardless of network proximity.
Am i nit-picking here? Does order matter in the kdc list?
Im curious how failover is done if my router to the first
kerb server in the list goes down.
thanks,
Matt
________________________________________________
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
