In Microsoft SQL Server 2017 Cumulative Update (CU) 11, a new functionality was added to use Key Distribution Center (KDC) for a realm in the [realms] section of /etc/krb5.conf instead of doing a network lookup for the domain controller. This update added a new mssql-conf option network.enablekdcfromkrb5.
Up to CU13 by default, network.enablekdcfromkrb5 option is set to TRUE. Starting from SQL Server 2017 CU14 by default, network.enablekdcfromkrb5 option is set to FALSE. Therefore, SQL Server will do a network lookup for the domain controller instead of relying on the KDC list in krb5.conf unless network.enablekdcfromkrb5 option is set to TRUE through mssql-conf.
The improvement is included in the following cumulative update for SQL Server:
Each new cumulative update for SQL Server contains all thehotfixes and all the security fixes that were included with the previouscumulative update. Check out the latest cumulative updates for SQL Server: