Note (to be absolutely exact) that _both_ '_kpasswd' and '_kerberos' SRV records are usually missing in the _sites DNS zone (at least were missing in my AD). Whereas the bug fix mentioned below would eliminate the need for _kpasswd, I believe _kerberos would still be needed.
Ondrej
On 09/19/2012 04:04 PM, Jakub Hrozek wrote:
For the record, the fact that the back end went offline if the kpasswd server could not be resolved is a bug we fixed during the 1.9 development: https://fedorahosted.org/sssd/ticket/1452 _______________________________________________ sssd-users mailing list sssd-users@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-users