Let say our realm is CARS.LOCAL
and I can't change it.
Would a principal like HTTP/portal.houses.com@CARS.LOCAL
works?
In other words, our internet domain name doesn't match our realm and I would like to use our registered domain name with kerberos.
The server hosting portal.houses.com
and acting as a kerberos client to auth users is server1.cars.local
. Reverse dns lookup works for server1.cars.local
.
But portal.houses.com
resolves to an ip not matching server1.cars.local
in a reverse dns lookup.
Is it possible to do what I want?
Would the only way be to have an A record for portal.houses.com
using a static ip and make that ip ptr record point to portal.houses.com
?
I'm using Active Directory as the kerberos server.