Hi,
I’d like to know if you have ever seen this issue where duplicate _kerberos._udp.domain.org SRV records are present in your private corporate DNS, but having a different Priority. This issue is infrequent as it appears to occur maybe about only once a year.
We have applications that are very dependent on that list of _kerberos SRV records and when a duplicate is present, Kerberos authentication will break immediately for the applications it serves.
It might not be an “issue” but a normal behavior under certain conditions, but I can’t explain it and since the affected applications can’t handle it, we are wondering why this is happening and how to prevent it.
We also noticed that duplicate _kpasswd records were present at the time of the issue, but it doesn’t look to affect the applications.
We have a single domain forest running 2003 without issues.
Thanks for any help you could provide about this strange problem.