Quoting Jeffrey Watts <jeffrey.w.wa...@gmail.com>: > What I've noticed is that if you use the -S option (to explicitly specify > the server), 'net' seems to ignore that and use DNS instead. I've watched > with the debug set to 5 and I've seen 'net' try to connect to different > KDCs. I would assume that it would be good behavior if it were trying to > access the -S server _first_, but its attempts seem to be purely random > based on whatever is returned via DNS first. >
ok, so , still asking the samba list, where it is clear samba has its own behavior. see the /var/cache/samba/smb_krb5/krb5.conf.<DOMAIN> file for example. Then , I wanted to try how the failover would behave if the SRV _kerberos-master._udp.<DOMAIN> record was present. But my Active Directory admin says he has indeed the _kerberos._XX SRV record, but that he is not proposed with the choice to add a _kerberos-master. record in the AD DNS system. Has anyone stepped upon such a problem ? Andrew ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos