Quantal requesting sharepointsite.testdomain with firefox with the following option set in about:config network.negotiate-auth.trusted-uris "https://, http://" klist ====================================================================================================Default principal: testu...@example.com
Valid starting Expires Service principal 27/02/2013 08:35 27/02/2013 18:35 krbtgt/example....@example.com renew until 28/02/2013 08:35 ==================================================================================================== option rdns=false klist ==================================================================================================== Default principal: testu...@example.com Valid starting Expires Service principal 27/02/2013 08:35 27/02/2013 18:35 krbtgt/example....@example.com renew until 28/02/2013 08:35 27/02/2013 08:37 27/02/2013 18:35 HTTP/searchsite.testdomain@ renew until 28/02/2013 08:35 27/02/2013 08:37 27/02/2013 18:35 HTTP/searchsite.testdom...@example.com renew until 28/02/2013 08:35 ==================================================================================================== This results in a request for a ticket for the wrong name and no sso. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% Rebuilding kerberos for quantal apt-get build-dep libkrb5-3 apt-get source libkrb5-3 edit src/lib/krb5/os/sn2princ.c //hints.ai_flags = AI_CANONNAME | AI_ADDRCONFIG; hints.ai_flags = AI_CANONNAME; rebuild: fakeroot debian/rules binary dpkg -i ../libkrb5-3.........deb %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% retest Quantal option rdns not set requesting sharepointsite.testdomain with firefox with the following option set in about:config network.negotiate-auth.trusted-uris "https://, http://" klist ==================================================================================================== Default principal: testu...@example.com Valid starting Expires Service principal 27/02/2013 08:53 27/02/2013 18:53 krbtgt/example....@example.com renew until 28/02/2013 08:53 27/02/2013 08:54 27/02/2013 18:53 HTTP/searchsite.testdomain@ renew until 28/02/2013 08:53 27/02/2013 08:54 27/02/2013 18:53 HTTP/searchsite.testdom...@example.com renew until 28/02/2013 08:53 ==================================================================================================== option rdns=false klist ==================================================================================================== Default principal: testu...@example.com Valid starting Expires Service principal 27/02/2013 08:59 27/02/2013 18:59 krbtgt/example....@example.com renew until 28/02/2013 08:59 27/02/2013 09:00 27/02/2013 18:59 HTTP/sharepointsite.testdomain@ renew until 28/02/2013 08:59 27/02/2013 09:00 27/02/2013 18:59 HTTP/sharepointsite.testdom...@example.com renew until 28/02/2013 08:59 ==================================================================================================== Now the setting rdns=false causes sso to work. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/571572 Title: krb5 prefers the reverse pointer no matter what for locating service tickets. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/571572/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs