Locating Active Directory KDCs
Use this procedure to obtain the host names for Active Directory Key Distribution Centers (KDCs). You will need these host names during the configuration process.
To obtain the KDC host names
- From the command line, enter the following command:
nslookup -type=srv _kerberos._tcp.REALM
REALM
is a Microsoft Windows domain name. - Look up the KDCs for each realm against which users authenticate and the realm of the Authentication Server. If multiple realms are used, such as
SUB1.DEV.MYCOMPANY.COM
andSUB2.DEV.MYCOMPANY.COM
, look up the KDC for the parent realm (DEV.MYCOMPANY.COM
) also. For example:nslookup -type=srv _kerberos._tcp.SUB1.DEV.MYCOMPANY.COM
nslookup -type=srv _kerberos._tcp.SUB2.DEV.MYCOMPANY.COM
nslookup -type=srv _kerberos._tcp.DEV.MYCOMPANY.COM
The Active Directory KDC's host name is reported as the value of
service
(UNIX) orsvr hostname
(Windows). For example:service = 0 100 88 kdc.sub2.dev.mycompany.com
(Ignore the numbers before the host name.)
Where to go from here
Was this page helpful? Yes No
Submitting...
Thank you
Comments
Log in or register to comment.