On 08/07/2017 05:51 PM, pgb205 wrote:
> It seems like kerberos is ok with encountering one failed master_kdc but
> not two or more.
>From the trace output, I think resolving server2 is encountering an
unusual error, which unfortunately manifests as EINVAL ("Invalid
argument") in our code. That er
205 ; "kerberos@mit.edu"
Sent: Monday, August 7, 2017 4:52 PM
Subject: Re: More than 2 failed master_kdc servers cause errors
On 08/07/2017 04:31 PM, pgb205 wrote:
> krb5.conf looks like
> kdc=server1
> kdc=server2
> kdc=server2
> master_kdc=server1
> master_kdc=server2
On 08/07/2017 04:31 PM, pgb205 wrote:
> krb5.conf looks like
> kdc=server1
> kdc=server2
> kdc=server2
> master_kdc=server1
> master_kdc=server2
> master_kdc=server3
> server1 and server2 are down. server3 is up and running
> Attempting to auth with kinit user_id and above configuration will fail.
krb5.conf looks like
kdc=server1kdc=server2kdc=server2master_kdc=server1master_kdc=server2master_kdc=server3
server1 and server2 are down. server3 is up and running
Attempting to auth with kinit user_id and above configuration will fail.
However commenting master_kdc=server1 and master_kdc=server2
