On Thu, 2017-09-21 at 17:56 +0200, Sumit Bose wrote: > On Thu, Sep 21, 2017 at 11:23:20AM -0400, Simo Sorce wrote: > > On Thu, 2017-09-21 at 16:52 +0200, Lukas Slebodnik wrote: > > > Here you are. > > > local master: kvm-02-guest11.testrelm.test > > > replica: bkr-hv01-guest19.testrelm.test > > > > > > [root@kvm-02-guest11 ~]# cat /etc/krb5.conf > > > includedir /etc/krb5.conf.d/ > > > includedir /var/lib/sss/pubconf/krb5.include.d/ > > > > > > [logging] > > > default = FILE:/var/log/krb5libs.log > > > kdc = FILE:/var/log/krb5kdc.log > > > admin_server = FILE:/var/log/kadmind.log > > > > > > [libdefaults] > > > default_realm = TESTRELM.TEST > > > dns_lookup_realm = false > > > dns_lookup_kdc = true > > > > This ^^^^ sounds wrong on a master > > no, you need this to find any AD DC in a trusted forest.
Shouldn't SSSD do that for us via proper site discovery ? Simo. > bye, > Sumit > > > > > Simo. > > > > -- > > Simo Sorce > > Sr. Principal Software Engineer > > Red Hat, Inc > > -- Simo Sorce Sr. Principal Software Engineer Red Hat, Inc _______________________________________________ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org