Is it required to specify the name of the domain controller in the krb5.ini file for AD authentication if DNS is configured as round robin for domain authentication.
Even though DNS round robin for domain authentication is used, for AD authentication for DLP, the name of each domain controller (KDC) is required in the krb5.ini file. This is because for AD authentication Kerberos is used and it requires KDC as part of its lookup authentication.
For more details, please see the Admin Guide for setting up Active Directory authentication:
"Replace the sample kdc values with the hostnames or IP addresses of your Active Directory servers."