Skip Menu |

Date: Thu, 17 Sep 2020 00:29:49 +0300
To: "krb5-bugs" <>
Subject: DNS SRV query for _kpasswd._tcp.REALM
From: "Дилян Палаузов" <>

kadmind listens to both TCP and UDP ports 749 and 464 (four ports).

KRB5_TRACE=/tmp/a kpasswd prints:

[11482] 1600291290.023827: Sending DNS SRV query for
[11482] 1600291290.023828: Sending DNS SRV query for
[11482] 1600291290.023829: No SRV records found
[11482] 1600291290.023830: Sending DNS URI query for _kerberos-
[11482] 1600291290.023831: No URI records found
[11482] 1600291290.023832: Sending DNS SRV query for _kerberos-
[11482] 1600291290.023833: No SRV records found talks about _kerberos-adm._tcp and _kpasswd._udp, but not about

Please verify whether _kpasswd._TCP is used and document it.

Subject: git commit

Update SRV record documentation

The KDC has listened to TCP connections by default since commit
8d88e2ab00be126237569dc72827ced2ce6b7d04 (ticket 6731). Update the
documentation for _kerberos._tcp accordingly.

Correct a formatting error introduced by commit
10eb93809b1af06e2b1147aee2e3e50058ba1bbd (ticket 8921).

For _kpasswd._udp, if the _kerberos-adm._tcp fallback is used, the
port number is changed to 464, not 749.

Add entries for _kerberos-master._tcp and _kpasswd._tcp.
Author: Greg Hudson <>
Commit: 521175fd41f09d97d15d4d5a40b6611b81ef375f
Branch: master
doc/admin/realm_config.rst | 23 +++++++++++++----------
1 files changed, 13 insertions(+), 10 deletions(-)