Category Archives: db

ldap/ip_address instead of ldap/fqdn in Kerberos TGS-REQ

Issue For some reason, when using Kerberos ticket to authenticate to ldap server across domain, the fully qualified domain name (dc01.domain_b.net) was changed *automatically* to IP address in the TGS-Req. From WireShark: > Server Name (Unknown): ldap/192.168.1.70 It should be: … Continue reading

Posted in kerberos, ldap | Tagged , | Leave a comment