Printable View
Hi folks,
I'd like to change the hostname of my kdc, but I'm worried that
this will break
kerberos. What steps should I take to ensure this doesn't happen?
I'm running
MIT kerberos version 1.6.2 under CentOS 5. I have a primary KDC and a
backup
KDC.
Thanks in advance for any advice.
Bryan
"bryan@virginia.edu" <catselbow@gmail.com> writes:
[color=blue]
> I'd like to change the hostname of my kdc, but I'm worried that
> this will break kerberos. What steps should I take to ensure this
> doesn't happen? I'm running MIT kerberos version 1.6.2 under CentOS 5.
> I have a primary KDC and a backup KDC.[/color]
As long as you update DNS SRV records and krb5.conf files accordingly,
changing the hostname shouldn't be an issue. The Kerberos database itself
doesn't care about the local hostname.
--
Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>
>>>>> "RA" == Russ Allbery <rra@stanford.edu> writes:
RA> "bryan@virginia.edu" <catselbow@gmail.com> writes:[color=blue][color=green]
>> I'd like to change the hostname of my kdc, but I'm worried that
>> this will break kerberos. What steps should I take to ensure this
>> doesn't happen? I'm running MIT kerberos version 1.6.2 under
>> CentOS 5. I have a primary KDC and a backup KDC.[/color][/color]
RA> As long as you update DNS SRV records and krb5.conf files
RA> accordingly, changing the hostname shouldn't be an issue. The
RA> Kerberos database itself doesn't care about the local hostname.
RA> -- Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>
One possible side issue is kprop -- when you change the hostname you'll
have to authorize the new host principal to push the database to the
slaves (kpropd.acl).
--
Richard Silverman
[email]res@qoxp.net[/email]