Hi community,

While configuring kerberos on the ISAM appliance, I would like to configure multiple KDCs in order to not introduce a single point of failure.

I cannot find documentation where multiple KDCs are configured and I am wondering if it is possible.
Adding multiple KDCs pass input validation (using space, comma and semi-colon separators) but I am wondering if it is possible and if so, what delimiter I should use...

Anybody done something like that before?
Or anybody who could check the source code to see whether it is supported (and how to specify it?)

Thx

------------------------------
Kristof Goossens
------------------------------

Hi Kristof,

IBM has released an APAR for this:
https://www-01.ibm.com/support/docview.wss?uid=swg1IJ12191

Indicating it's not clear from documentation:
"Multiple KDC values can be defined as a single KDC property with a comma delimitered value list."

Kind regards

------------------------------
Dries Eestermans
IS4U
------------------------------

Original Message:
Sent: Tue May 07, 2019 04:53 AM
From: Kristof Goossens
Subject: multiple KDCs in kerberos configuration

Hi community,

While configuring kerberos on the ISAM appliance, I would like to configure multiple KDCs in order to not introduce a single point of failure.

I cannot find documentation where multiple KDCs are configured and I am wondering if it is possible.
Adding multiple KDCs pass input validation (using space, comma and semi-colon separators) but I am wondering if it is possible and if so, what delimiter I should use...

Anybody done something like that before?
Or anybody who could check the source code to see whether it is supported (and how to specify it?)

Thx

------------------------------
Kristof Goossens
------------------------------

Hi Dries,

Thx for the info. Exactly what I was looking for!

------------------------------
Kristof Goossens
------------------------------

Original Message:
Sent: Tue May 07, 2019 05:00 AM
From: Dries Eestermans
Subject: multiple KDCs in kerberos configuration

Hi Kristof,

IBM has released an APAR for this:
https://www-01.ibm.com/support/docview.wss?uid=swg1IJ12191

Indicating it's not clear from documentation:
"Multiple KDC values can be defined as a single KDC property with a comma delimitered value list."

Kind regards

------------------------------
Dries Eestermans
IS4U

Original Message:
Sent: Tue May 07, 2019 04:53 AM
From: Kristof Goossens
Subject: multiple KDCs in kerberos configuration

Hi community,

While configuring kerberos on the ISAM appliance, I would like to configure multiple KDCs in order to not introduce a single point of failure.

I cannot find documentation where multiple KDCs are configured and I am wondering if it is possible.
Adding multiple KDCs pass input validation (using space, comma and semi-colon separators) but I am wondering if it is possible and if so, what delimiter I should use...

Anybody done something like that before?
Or anybody who could check the source code to see whether it is supported (and how to specify it?)

Thx

------------------------------
Kristof Goossens
------------------------------