From ba95f1c434b430f0db7fddbd865af10488ecab17 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Wed, 26 Jun 2013 16:23:32 +0200
Subject: AD: kinit with the local DC even when talking to a GC

We tried to use the GC address even for kinit which gave us errors like:
"Realm not local to KDC while getting initial credentials".

This patch adds a new AD_GC service that is only used for ID lookups,
any sort of Kerberos operations are done against the local servers.
---
 src/providers/ad/ad_common.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'src/providers/ad/ad_common.h')

diff --git a/src/providers/ad/ad_common.h b/src/providers/ad/ad_common.h
index 1503059e8..500f49c78 100644
--- a/src/providers/ad/ad_common.h
+++ b/src/providers/ad/ad_common.h
@@ -26,7 +26,8 @@
 #include "util/util.h"
 #include "providers/ldap/ldap_common.h"
 
-#define AD_SERVICE_NAME "AD"
+#define AD_SERVICE_NAME    "AD"
+#define AD_GC_SERVICE_NAME "AD_GC"
 /* The port the Global Catalog runs on */
 #define AD_GC_PORT      3268
 
-- 
cgit