[PATCH] libads: fixes to generation of custom krb5.conf
Uri Simchoni
urisimchoni at gmail.com
Thu Jun 4 01:09:40 MDT 2015
Hi,
Attached pls find some fixes to generation of custom krb5.conf -
libads creates this file in order to help the kerberos client libs do
AD-aware and specifically site-aware kerberos.
Patch 1/4 - fix indentation of kdcs in case of multiple kdcs
Patch 2/4 - when doing SRV queries, lookup _kerberos records and not
_ldap records. This also fixes a bug in which only KDCs of the current
site are listed, and KDCs of site-less query are not listed
Patch 3/4 - correctly merge lists, to avoid same IP address coming up
twice (well, maybe this one is needed because of the 2/4 fix..)
Patch 4/4 - make sure the "known good server" from the
session-affinity cache always appears first in the generated krb5.conf
file.
Please review,
Uri.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: get_kdc.patch
Type: application/octet-stream
Size: 9945 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20150604/0ebd1998/attachment.obj>
More information about the samba-technical
mailing list