Tom Parker <[email protected]> writes: > Good Afternoon.
> I have two KDCs and my DNS servers are pointing to both of them with > equal weight. Both KDCs are running 1.9.1. > _kerberos._udp IN SRV 10 0 88 <server 1> > _kerberos._udp IN SRV 10 0 88 <server 2> > We are using Russ's pam-krb5 module version 4.4 compiled against krb > 1.8.3. > The problem I have is that if I update my client from 1.8.3 to 1.9.1 my > High Availability breaks. A 1.9.1 client will not successfully > authenticate if one of my KDCs is down. My 1.8.3 clients work fine. Just to double-check, you don't set dns_lookup_kdc to false in your krb5.conf file, do you? -- Russ Allbery ([email protected]) <http://www.eyrie.org/~eagle/> ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
