[OpenAFS] Re: differences between aklog on Windows and Unix?

[Ken Hornstein]

>... but I'm using MIT Kerberos on all three machines (Win32, Linux,
>and MacOS).  Why do I see different behavior on MacOS?

You're using the Apple-supplied Kerberos library on OS X, right?  Did
you look at /Library/Preferences/edu.mit.Kerberos?  (Which is the real
config file for Kerberos on OS X).  I thought maybe Apple turned this
on by default, but a test program I whipped up makes me believe that
they didn't; a TXT record query only happens when I set
dns_lookup_realm to true.  The only thing I can think to tell you is
that somewhere in some config file that line is set.

BTW, since you were asking about a lowercase realm ... one thing I forgot
about is that the fallback algorithm used by krb5_get_host_realm() to
determine a host's realm is to take the domain component of the FQDN
and uppercase it ... that's one example where the library assumes that
the realm name is uppercase.

--Ken