Obtaining the Kerberos Realm and DNS Names

Learn how to obtain the KerberosAn authentication protocol for client/server applications. Realm and DNSDomain Name System - Enables the translation of hostnames to IP addresses and provides other domain related information. Names in Active Directory and Open Directory, respectively.

Obtaining the Kerberos Realm and DNS Names in Active Directory

To obtain the Kerberos Realm and DNS Names in Active Directory, perform the following steps:

  1. Open Programs- > Administrative Tools- > Active Directory Management.
  2. Choose Active Directory Domains and Trusts.
  3. The Active Directory domain names are listed.

The Active Directory domain name is also the corresponding Kerberos realm name and DNS domain name. Pick the domain you want to join the mailserver to. Always use the Kerberos realm name in upper case letters and the DNS domain name in lower case letters.

Obtaining the Kerberos Realm and DNS Names in Open Directory

The Kerberos realm name and DNS domain name will already be known if it was necessary to setup Open Directory for Kerberos .

If Open Directory is already running Kerberos, then use the following process:

  1. Open a terminal as an admin user
  2. Enter the following command:

sudo grep -A 2 domain_realm /Library/Preferences/edu.mit.Kerberos

Example:

tiger:~ root# grep -A 2 domain_realm /Library/Preferences/edu.mit.Kerberos [domain_realm] .example.mac = TIGER.EXAMPLE.MAC example.mac = TIGER.EXAMPLE.MAC tiger:~ root#

In this example, The DNS domain name is on the left of the equals (=) symbol, and the Kerberos realm name is on the right.

NOTE

Always use upper case letters when referring to the Kerberos realm name even if you've seen it in lower case letters on the server. Always use lower case letters when referring to the DNS domain name. It prevents confusion since they are often the same in many networks.