kjhurni wrote:


> Sweet, so a few more questions, if you don't mind?


Thats what we're here for right?

> When you specify the First Name (this is section 5.2.2 of the Identity
> server Guide), it says to put the hostname of the IDS. But what if
> you have multiple IDS in a cluster? Do you use the base URL "name"
> instead?


Yes, correct. We have 4 IDP's in our cluster and share the same config
across all 4 servers

> And:
>
> When creating the Kerberos Auth Class (if using eDir), do you still
> use the Kerberos Realm and point it to AD?
> And same thing for the Kerberos KDC?


yep, that is all required in order to successfully load the class. From
memory it only connects to the KDC on start up, once the IDP is loaded
it no longer talks to it. Since 3.2 Sp somethign you can add multiple
DC's for failover purposes.

--
Cheers,
Edward