[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: newbie Qeustion on Preparing DNS for kerberos



>For days I've been reading www.bayour.com/LDAPv3-HOWTO trying to setup 
>my kerberos realm.  I know those instructions are very good for people
>who're familiar with networking, but I'm over my head here because I am
>missing some vital basic understanding.  Could someone please refer me
>to a source for beginners or if there's quick answers help me along?
>Q 1)
>The instructions in the above document state that I need to setup ldap 
>and kerberos servers in my DNS like the following.  
> ---- snip -----
> ; IP address to the Kerberos/LDAP servers 
> kerberos        IN     A    <IP ADDRESS OF YOUR 1st KERBEROS SERVERS>
> kerberos-1     IN     A     <IP ADDRESS OF YOUR 2nd KERBEROS SERVERS>
> ldap              IN     A     <IP ADDRESS OF YOUR 1st LDAP SERVER>
>  ...... 
>----------- snip ----
>But I only have one IP address provided to me by my ISP.  So do I enter 
>that one IP address for all of the servers?

Do you only have one system?  Are you providing Kerberos V to the
Internet?  You should use private IP numbers internally (10.x.x.x or
192.168.x.x).

>Q 2)
>To setup kerberos realm name I need to use my domain name.  Is that the 
>domain name found in /etc/resolv.conf?  

Usually.

>Q 3)
>Can I just use localhost.localdomain to setup a kerberos realm name and 
>skip setting up DNS for  kerberos and ldap servers, if I want to use
>kerberos in my local domain only?

I wouldn't.  Spend the $20 and buy a domain.