[Linux-aus] SRV _kerberos._http.COMPANY.LOCAL.
ileyd at icloud.com
Thu Jun 9 15:23:11 AEST 2022
How many groups are the users you login with a member of?
Is the primary DNS search domain correct on the client machines? How many AD DCs do you have and are they on the same subnet?
Lilac Kapul (she/they)
M 0432 114 172 E ileyd at icloud.com
> On 9 Jun 2022, at 14:14, Russell Coker via linux-aus <linux-aus at lists.linux.org.au> wrote:
> I have a setup of sssd (the Linux Active Directory client) talking to a
> locally hosted AD instance which also has an Azure AD domain (which isn't
> supported by sssd) mirroring some of the data. I'm getting repeated DNS
> lookups for the above SRV entry, any idea of what this is about and what the
> right value should be?
> The real problem is poor performance with slow logins (like it's timing out
> trying to connect to the wrong server) and it appears that doing hundreds of
> DNS requests for things that don't exist is likely to be part of that problem.
> What does Kerberos expect with the _http service? Does it expect the server
> running on port 88?
> I'd appreciate any responses that give a clue here. Could be from the AD side
> how I can probe the AD setup or just guess what it's doing (assuming that most
> of it will be default options). Could be from the Linux/SSSD side of what the
> client is expecting and how to make it happy.
> Also I'm going to try to get the Ubuntu adsys package to work, currently
> installing it breaks AD on that workstation. But that's a later thing.
> My Main Blog http://etbe.coker.com.au/
> My Documents Blog http://doc.coker.com.au/
> linux-aus mailing list
> linux-aus at lists.linux.org.au
> To unsubscribe from this list, send a blank email to
> linux-aus-unsubscribe at lists.linux.org.au
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the linux-aus