Set master_kdc and dns_lookup_kdc to true

https://fedorahosted.org/freeipa/ticket/2515

contrib/RHEL4/ipa-client-setup

@@ -307,7 +307,7 @@ def main():
         #[libdefaults]
         libopts = [{'name':'default_realm', 'type':'option', 'value':ipasrv.getRealmName()}]
         libopts.append({'name':'dns_lookup_realm', 'type':'option', 'value':'false'})
-        libopts.append({'name':'dns_lookup_kdc', 'type':'option', 'value':'false'})
+        libopts.append({'name':'dns_lookup_kdc', 'type':'option', 'value':'true'})
         libopts.append({'name':'ticket_lifetime', 'type':'option', 'value':'24h'})
         libopts.append({'name':'forwardable', 'type':'option', 'value':'yes'})
 
@@ -316,6 +316,7 @@ def main():
 
         #[realms]
         kropts =[{'name':'kdc', 'type':'option', 'value':ipasrv.getServerName()+':88'},
+                 {'name':'master_kdc', 'type':'option', 'value':ipasrv.getServerName()+':88'},
                  {'name':'admin_server', 'type':'option', 'value':ipasrv.getServerName()+':749'},
                  {'name':'default_domain', 'type':'option', 'value':ipasrv.getDomainName()}]
         ropts = [{'name':ipasrv.getRealmName(), 'type':'subsection', 'value':kropts}]

install/share/krb5.conf.template

@@ -6,7 +6,7 @@
 [libdefaults]
  default_realm = $REALM
  dns_lookup_realm = false
- dns_lookup_kdc = false
+ dns_lookup_kdc = true
  rdns = false
  ticket_lifetime = 24h
  forwardable = yes
@@ -14,6 +14,7 @@
 [realms]
  $REALM = {
   kdc = $FQDN:88
+  master_kdc = $FQDN:88
   admin_server = $FQDN:749
   default_domain = $DOMAIN
   pkinit_anchors = FILE:/etc/ipa/ca.crt

install/share/krb5.ini.template

@@ -8,6 +8,7 @@
         $REALM = {
                 admin_server = $FQDN
                 kdc = $FQDN
+                master_kdc = $FQDN
                 default_domain = $REALM
         }
 

install/tools/ipa-replica-conncheck

@@ -177,7 +177,7 @@ def configure_krb5_conf(realm, kdc, filename):
     #[libdefaults]
     libdefaults = [{'name':'default_realm', 'type':'option', 'value':realm}]
     libdefaults.append({'name':'dns_lookup_realm', 'type':'option', 'value':'false'})
-    libdefaults.append({'name':'dns_lookup_kdc', 'type':'option', 'value':'false'})
+    libdefaults.append({'name':'dns_lookup_kdc', 'type':'option', 'value':'true'})
     libdefaults.append({'name':'rdns', 'type':'option', 'value':'false'})
     libdefaults.append({'name':'ticket_lifetime', 'type':'option', 'value':'24h'})
     libdefaults.append({'name':'forwardable', 'type':'option', 'value':'yes'})
@@ -188,6 +188,7 @@ def configure_krb5_conf(realm, kdc, filename):
     #the following are necessary only if DNS discovery does not work
     #[realms]
     realms_info =[{'name':'kdc', 'type':'option', 'value':ipautil.format_netloc(kdc, 88)},
+                 {'name':'master_kdc', 'type':'option', 'value':ipautil.format_netloc(kdc, 88)},
                  {'name':'admin_server', 'type':'option', 'value':ipautil.format_netloc(kdc, 749)}]
     realms = [{'name':realm, 'type':'subsection', 'value':realms_info}]
 

ipa-client/ipa-install/ipa-client-install

@@ -756,6 +756,7 @@ def configure_krb5_conf(cli_realm, cli_domain, cli_server, cli_kdc, dnsok,
         #[realms]
         for server in cli_server:
             kropts.append({'name':'kdc', 'type':'option', 'value':ipautil.format_netloc(server, 88)})
+            kropts.append({'name':'master_kdc', 'type':'option', 'value':ipautil.format_netloc(server, 88)})
             kropts.append({'name':'admin_server', 'type':'option', 'value':ipautil.format_netloc(server, 749)})
         kropts.append({'name':'default_domain', 'type':'option', 'value':cli_domain})
     kropts.append({'name':'pkinit_anchors', 'type':'option', 'value':'FILE:/etc/ipa/ca.crt'})