Rajesh Ghanekar <[email protected]> wrote:
One idea to make an admin server HA in krb5.conf could be DNS round
robin, as far as multiple admin server are really supported.
Does other points (#1 - #3) mentioned in my mail holds true or
there is still
some confusion from my side?
Regarding
http://www.informit.com/guides/content.aspx?g=security&seqNum=37
kerberos libs should use nss (name service switch), but you can easyly
figure it out by trying. ;-)
When you have a working DNS with SRV records pointing g to your KDC
you can simply move your krb5.conf and try a kinit to get credendials.
This should work, when using DNS.
However, you also might want to add some entries to nsswitch.conf like
rpc: files dns
services: files dns
or something...
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
