Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There is a situation when the SMB protocol (in particular 445/TCP port) is blocked/filtered, so these scripts don't work properly in conjunction with Kerberos (doesn't matter which Python version is used)
Specifying the -dc-ip option won't help either (expected behaviour)
What if I have the corresponding FQDN (or NetBIOS name)? There should be an option to specify it. I have changed conditions in run() and have added the -dc-host parameter
Now it is possible to connect to specific KDC using its FQDN (or NetBIOS name) without initiating an SMB connection with it. So the first issue is solved
The second one is related to the -dc-ip option. Why not just reuse the -dc-ip option (maybe rename it to -kdc) and allow to specify FQDN (or NetBIOS name) in it and check it in those conditions? This is due to DNS name resolution issue. If the DNS protocol is also blocked/filtered, both FQDN (or NetBIOS name) and IP address should be specified. It is possible to add an entry to /etc/hosts for sure, but if there is an option, why not to use it?
From now in the worst situation the syntax will be the following: