[Linux-aus] SRV _kerberos._http.COMPANY.LOCAL.
Russell Coker
russell at coker.com.au
Thu Jun 9 14:13:53 AEST 2022
I have a setup of sssd (the Linux Active Directory client) talking to a
locally hosted AD instance which also has an Azure AD domain (which isn't
supported by sssd) mirroring some of the data. I'm getting repeated DNS
lookups for the above SRV entry, any idea of what this is about and what the
right value should be?
The real problem is poor performance with slow logins (like it's timing out
trying to connect to the wrong server) and it appears that doing hundreds of
DNS requests for things that don't exist is likely to be part of that problem.
What does Kerberos expect with the _http service? Does it expect the server
running on port 88?
I'd appreciate any responses that give a clue here. Could be from the AD side
how I can probe the AD setup or just guess what it's doing (assuming that most
of it will be default options). Could be from the Linux/SSSD side of what the
client is expecting and how to make it happy.
Also I'm going to try to get the Ubuntu adsys package to work, currently
installing it breaks AD on that workstation. But that's a later thing.
--
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/
More information about the linux-aus
mailing list