Improvement: New mssql-conf option network.enablekdcfromkrb5 is added in SQL Server 2017

Applies to: SQL Server 2017 Developer LinuxSQL Server 2017 Enterprise LinuxSQL Server 2017 Enterprise Core Linux

Improvement


In Microsoft SQL Server 2017 Cumulative Update (CU) 11, a new functionality was added to use Key Distribution Center (KDC) for a realm in the [realms] section of /etc/krb5.conf instead of doing a network lookup for the domain controller. This update added a new mssql-conf option network.enablekdcfromkrb5.

Up to CU13 by default, network.enablekdcfromkrb5 option is set to TRUE. Starting from SQL Server 2017 CU14 by default, network.enablekdcfromkrb5 option is set to FALSE. Therefore, SQL Server will do a network lookup for the domain controller instead of relying on the KDC list in krb5.conf unless network.enablekdcfromkrb5 option is set to TRUE through mssql-conf.

Resolution


The improvement is included in the following cumulative update for SQL Server:

About cumulative updates for SQL Server:

Each new cumulative update for SQL Server contains all thehotfixes and all the security fixes that were included with the previouscumulative update. Check out the latest cumulative updates for SQL Server:


References


Learn about the terminology that Microsoft uses to describe software updates.