We created a krb5.conf but then did not use it?
Richard Sharpe
realrichardsharpe at gmail.com
Fri Aug 9 10:13:09 MDT 2013
Hi folks,
We have hit an interesting situation with Samba 3.6.x where net ads
join -k is failing.
We managed to create a krb5.conf.DOM with the locations of the KDCs in
that realm.
However, when kerberos_kinit_password was called, it seemed to send a
DNS request for _kerberos._UDP.<realm> anyway, and got back 230 KDC
The code then started going through them randomly, it seems (and they
were not sorted by locality either) and because they seem to block
off-site auth traffic, we could not authenticate..
The version of Kerberos being used is Heimdal 1.0 by the look of things.
Has anyone seen this>
--
Regards,
Richard Sharpe
(何以解憂?唯有杜康。--曹操)
More information about the samba-technical
mailing list