Locating the Active Directory KDC for the service principal's domain
Use this procedure to obtain the host name for the Active Directory KDC that is running in the realm where the keytab file for the service principal was created. Later in the configuration process, you need this host name.
To locate the Active Directory KDC for the service principal's name
From a command line, enter the following:
nslookup -type=srv _kerberos._tcp.<SERVICE_PRINCIPAL_DOMAIN>
In this command, <SERVICE_PRINCIPAL_DOMAIN> is the domain of the service principal. For example:
nslookup -type=srv _kerberos._tcp.SUB2.DEV.MYCOMPANY.COM
The Active Directory KDC's host name is reported as the value of service (UNIX) or svr hostname (Windows). For example:
service = 0 100 88 kdc.sub2.dev.mycompany.com
Ignore the numbers before the host name.
Where to go from here
Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*