Re: DNS configuration

[Howard Chu <hyc@symas.com>]

Hai Zaar wrote:
> Dear list!
>
> I have a DNS related question.

Hm, what does this question have to do with OpenLDAP software?

> I have server named bigbox.example.com
> bigbox hosts LDAP and Kerberos KDC for domain .example.com
> So there are three 'A' DNS entries that point to the same IP (in that 
> order):
>    A    bigbox.example.com         10.0.0.10
>    A    directory.example.com      10.0.0.10
>    A    kerberos.example.com      10.0.0.10
>
> So when I do ldapsearch, it
> * looks for A record of directory.example.com
> * get 10.0.0.10
> * sends PTR query for 10.0.0.10.in-addr.arpa
> * gets 'PTR bigbox.example.com PTR directory.example.com PTR
> kerberos.example.com'
> * And then asks KDC for ticket for ldap/bigbox.example.com, instead of
> ldap/directory.example.com
>
> So, what is want is that ldapsearch (and friends) should always refer
> ldap server as directory.example.com and not bigbox.example.com
> Am I missing something in my DNS configuration or is it just
> ldapsearch specific behavior?

ldapsearch knows nothing about DNS or Kerberos. The behavior you're 
seeing is Kerberos-specific, and has nothing to do with LDAP or OpenLDAP 
software.

--
  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc
  OpenLDAP Core Team            http://www.openldap.org/project/