[Samba] kerberos configuration in samba
Ralf Hornik Mailings
ralf at best.homeunix.org
Tue Dec 15 04:09:56 MST 2009
Rajesh Ghanekar <rajesh_ghanekar at symantec.com> wrote:
> 4. I can have multiple "kdc = " entries in /etc/krb5.conf, if I need
> to manually configure
> /etc/krb5.conf, but only single "admin server =" and "password
> server =" line.
> How does this /etc/krb5.conf entry for admin server and password
> server becomes
> HA if the machine specified in admin server and password server goes down?
As I remember, you can only have one admin server (and password
server?), since kerberos only supports read-only slaves, unless
Microsoft changed something in the protocol.
One idea to make an admin server HA in krb5.conf could be DNS round
robin, as far as multiple admin server are really supported.
More information about the samba
mailing list