krb5.conf looks like
kdc=server1kdc=server2kdc=server2master_kdc=server1master_kdc=server2master_kdc=server3
server1 and server2 are down. server3 is up and running
Attempting to auth with kinit user_id and above configuration will fail.
However commenting master_kdc=server1 and master_kdc=server2
On 08/07/2017 04:31 PM, pgb205 wrote:
> krb5.conf looks like
> kdc=server1
> kdc=server2
> kdc=server2
> master_kdc=server1
> master_kdc=server2
> master_kdc=server3
> server1 and server2 are down. server3 is up and running
> Attempting to auth with kinit user_id and above configuration will fail.
Greg,
Sorry my mistake
I meant the following krb5.conf
kdc=server1kdc=server2kdc=server3master_kdc=server1master_kdc=server2master_kdc=server3
the above DOES NOT WORK when server1 and server2 are down.But If I comment
master_kdc=server2 I'm able to kinit. Like so:
kdc=server1kdc=server2kdc=server3
On 08/07/2017 05:51 PM, pgb205 wrote:
> It seems like kerberos is ok with encountering one failed master_kdc but
> not two or more.
>From the trace output, I think resolving server2 is encountering an
unusual error, which unfortunately manifests as EINVAL ("Invalid
argument") in our code. That er
