GFI Software

Welcome to the GFI Software community forum! For support please open a ticket from https://support.gfi.com.

Home » GFI User Forums » Kerio Connect » Kerio connect + RODC (Can I use Kerio with Read only DC?)
Kerio connect + RODC [message #152272] Fri, 22 July 2022 06:08 Go to next message
IlKa is currently offline  IlKa
Messages: 2
Registered: July 2022
Hello,

Does Kerio support R/O DC for directory services? Can we install RODC in DMZ near Kerio and use it instead of R/W domain controller to authenticate users?
I now see RODC redirects Kerio to RWDC even RODC has cached passwords for users, so I now want to understand of this scenario is officially supported?

PS: I think the problem here is not redirection, but Kerio doesn't obey "sites" (ms-specific feature) when searches for KDC for the authentication. Not Kerio, but probably kerberos library. So, query goes to the wrong controller. I will fix it on DNS site. But I still interested if Kerio supports RODC oficcially

[Updated on: Fri, 22 July 2022 13:01]

Report message to a moderator

Re: Kerio connect + RODC [message #152276 is a reply to message #152272] Fri, 22 July 2022 15:29 Go to previous message
IlKa is currently offline  IlKa
Messages: 2
Registered: July 2022
After hacking my DNS and pointing Kerio to m RODC explicitly using kerberos._udp and kerberos._tcp records I am now able to use RODC both for directory and auth purposes. It seems that scenario is supported!
Previous Topic: Update monitoring
Next Topic: Message rejected as malware spam
Goto Forum:
  


Current Time: Thu Aug 11 23:37:43 CEST 2022

Total time taken to generate the page: 0.02857 seconds