[Samba] kerberos configuration in samba
Rajesh Ghanekar
rajesh_ghanekar at symantec.com
Tue Dec 15 04:11:58 MST 2009
Ralf Hornik Mailings wrote:
> Rajesh Ghanekar <rajesh_ghanekar at symantec.com> wrote:
>
>> 4. I can have multiple "kdc = " entries in /etc/krb5.conf, if I need
>> to manually configure
>> /etc/krb5.conf, but only single "admin server =" and "password server
>> =" line.
>> How does this /etc/krb5.conf entry for admin server and password
>> server becomes
>> HA if the machine specified in admin server and password server goes
>> down?
>
> As I remember, you can only have one admin server (and password
> server?), since kerberos only supports read-only slaves, unless
> Microsoft changed something in the protocol.
>
> One idea to make an admin server HA in krb5.conf could be DNS round
> robin, as far as multiple admin server are really supported.
>
>
Hi Ralf,
Does other points (#1 - #3) mentioned in my mail holds true or there
is still
some confusion from my side?
Thanks,
Rajesh
More information about the samba
mailing list