Hi all,

I setted up kerberos on a big environment, let's say 1300 servers. We have
one Master Kerberos and 16 Slaves. We have this problem: the environment is
commercial so we are a little bit constrained, we are not allowed to use DNS
nor any kind of host centralization. We are facing with the problem that
some server can have the same hostname. My question is there is a way to
have multiple key (host principal) having two server with the same hostname.

For example, let's say we have two server called host_pippo, on the kdc side
we create host/host_pippo@REALM. This principal can be used for both the
hosts with hostname host_pippo. Is there any workaround to discriminate
server with the same hostname?

I know that kerberos without DNS managing thounsands of systems can be
dangerous but we have no choice :-(, so any valid workaround would be
helpful :-D

Thanks in advance.

--
Andrea Cirulli