I have a use-case with an edge deployed RODC and also some edge deployed containers running that'd I'd like to use this library in. The containers are chiseled images that don't contain ping (and I'm hoping to remove MIT GSS libraries).
One thing Im noticing - I'm attempting to configure a KDC precedence in my config. Similar to listing out multiple kdc values in a krb5.conf where the gss libraries will retry on a subsequent KDC if the first one fails. I'd like to prioritize the edge RODC/KDC and fallback on the network otherwise. I'm disabling PrioritizeKdcByPing (since the underlying OS doesn't even have ping)- the trouble is that even when disabling the ping check this line of code then randomizes the ping result leaving the KDC priority non-deterministic (instead of falling back to file or pinned kdc order)
I have a use-case with an edge deployed RODC and also some edge deployed containers running that'd I'd like to use this library in. The containers are chiseled images that don't contain ping (and I'm hoping to remove MIT GSS libraries).
One thing Im noticing - I'm attempting to configure a KDC precedence in my config. Similar to listing out multiple kdc values in a krb5.conf where the gss libraries will retry on a subsequent KDC if the first one fails. I'd like to prioritize the edge RODC/KDC and fallback on the network otherwise. I'm disabling PrioritizeKdcByPing (since the underlying OS doesn't even have ping)- the trouble is that even when disabling the ping check this line of code then randomizes the ping result leaving the KDC priority non-deterministic (instead of falling back to file or pinned kdc order)