Stanislas_Piro2
Mar 24, 2016Cumulonimbus
APM : Multiple servers for Kerberos SSO
Hi,
In Kerberos SSO, there are 3 solutions to define KDC server
- left blank : use DNS to find kerberos server with SRV record : not recommended by F5, requires change of /etc/krb5.conf
- KDC hostname : use DNS to resolve kerberos IP from provided name : a little better
- KDC IP : recommended by F5
When configuring hostname or IP, I did not find how to configure more than one server.
The only solution I found was to create a VS listening on all ports (to allow LDAP and Kerberos ports, UDP and TCP)
Is it the solution? is there a solution to configure more than one server? can we configure a pool like in AD Auth?