Hi Nico,

It is strange that the DNS servers does not display the Active Directory 
domain servers IP. It is the default behaviour. Active Directory relies 
on DNS.

Are you sure your Linux machine is actually using the Active Directory 
windows DNS servers in resolv.conf ? It should, for AD authentication to 
work.

In this case, you should retrieve the domain servers IP (same as KDC), 
by typing :
# dig AD-domain.example.com.

Alain

Le 24/08/2011 14:04, Nico Kadel-Garcia a écrit :
> I'm quite aware that it's possible to authenticate local users against
> the Kerberos services of Active Directory, but seek a way to detect
> what the actual local KDC is in an environment that does not seem to
> publish the relevant SRV records for its Active Directory servers.
> Does anyone know a graceful way to deduce this, without running a
> full-blown nmap across the local network or trying to bother the
> Active Directory admins to reveal their secrets?