Re: DNS lookup for resolving domain to realm mapping works...butonly after I modified the source code ?

[joda@pdc.kth.se (Johan Danielsson)]

Lara Adianto <m1r4cle_26@yahoo.com> writes:

> Unfortunately, when another w2k machine which has authenticated to
> LARA_HMD.COM (a Kerberos realm) wants to access test-machine, the
> request is still sent as host/test-machine@LARA_HMD and not
> host/test-machine.WIN.LARA_W2K.COM !

I'm afraid I know too little about how windows works, but when you say
you've create a child domain, does that mean that you've clicked on
some "create child domain" button somewhere, or did you created it
from scratch? I suppose that in the former case, the domain controller
somehow thinks it knows things about this other domain. But like I
said, I really have no clue.

> How to make the client machine indicates the server's FQDN in its
> request to its KDC ? Is there any specific settings need to be done
> on client machine ?

I have no idea.

>> Suppose there's two domain served by your realm foo.com and
>> bar.com. Now your client asks for host/test_w2kserver. How should
>> the KDC know which of test_w2kserver.foo.com and
>> test_w2kserver.bar.com is meant (assuming both exist)?
> Does test_w2kserver.foo.com and test_w2kserver.bar.com refer to two
> different machines ? 

Well yes, but it doesn't really matter. Neither the client nor the KDC
can know if they are in fact the same physical machine or not.

/Johan