Skip to content

Commit 17d0a0a

Browse files
committed
Clarify default DC discovery
1 parent 4501849 commit 17d0a0a

File tree

2 files changed

+3
-2
lines changed

2 files changed

+3
-2
lines changed

config/realm_ad.yml.example

+2-2
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
---
2-
# Authentication for Kerberos-based Realms
2+
# Authentication for Kerberos-based Realms. This will be used to get the DNS of the domain.
33
:realm: EXAMPLE.COM
44

55
# Kerberos pricipal used to authenticate against Active Directory
@@ -8,7 +8,7 @@
88
# Path to the keytab used to authenticate against Active Directory
99
:keytab_path: /etc/foreman-proxy/realm_ad.keytab
1010

11-
# FQDN of the Domain Controller
11+
# Optional: Only use a specific domain controller. This will disable DNS based dc discovery.
1212
:domain_controller: dc.example.com
1313

1414
# Optional: OU where the machine account shall be placed

lib/smart_proxy_realm_ad/provider.rb

+1
Original file line numberDiff line numberDiff line change
@@ -88,6 +88,7 @@ def radcli_connect
8888
# Connect to active directory
8989
conn = Adcli::AdConn.new(@domain)
9090
conn.set_domain_realm(@realm)
91+
# Directly connect to the domain controller if specified, skip the SRV lookup
9192
conn.set_domain_controller(@domain_controller) unless @domain_controller.nil?
9293
conn.set_login_ccache_name('')
9394
conn.connect

0 commit comments

Comments
 (0)