Locating Active Directory KDCs
Use this procedure to obtain the host names for Active Directory Key Distribution Centers (KDCs). You will need these host names during the configuration process.
To obtain the KDC host names
- From the command line, enter the following command:
nslookup -type=srv _kerberos._tcp.REALM
REALMis a Microsoft Windows domain name.
- Look up the KDCs for each realm against which users authenticate and the realm of the Authentication Server. If multiple realms are used, such as
SUB2.DEV.MYCOMPANY.COM, look up the KDC for the parent realm (
DEV.MYCOMPANY.COM) also. For example:
nslookup -type=srv _kerberos._tcp.SUB1.DEV.MYCOMPANY.COM
nslookup -type=srv _kerberos._tcp.SUB2.DEV.MYCOMPANY.COM
nslookup -type=srv _kerberos._tcp.DEV.MYCOMPANY.COM
The Active Directory KDC's host name is reported as the value of
svr hostname(Windows). For example:
service = 0 100 88 kdc.sub2.dev.mycompany.com
Ignore the numbers before the host name.