From what I've read holistically, Putting your DCs behind a VIP tends to be problematic because the member server name doesn't match the name of the SPN thus it becomes vehemently unhappy.
Does anyone have experience putting DCs behind a network load balancer
for Kerberos Authentication?
Depending on who you ask, it doesn't really work. I wanted to ask the
group to see if anyone has strong experience in doing it and if it's feasible?
Does anyone have experience putting DCs behind a network load balancer
for Kerberos Authentication?
Depending on who you ask, it doesn't really work. I wanted to ask the
group to see if anyone has strong experience in doing it and if it's feasible?
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 296 |
Nodes: | 16 (2 / 14) |
Uptime: | 81:14:25 |
Calls: | 6,658 |
Calls today: | 4 |
Files: | 12,203 |
Messages: | 5,333,311 |
Posted today: | 1 |