kerberos: Added support to kerberos::client for resolving kdc servers using DNS SRV records.

kerberos/templates/krb5.conf.erb

@@ -1,7 +1,11 @@
 [libdefaults]
   default_realm = <%= @kerberos_realm %>
   dns_lookup_realm = false
+<% if @kerberos_kdc.count == 0 -%>
+  dns_lookup_kdc = true
+<% else -%>
   dns_lookup_kdc = false
+<% end -%>
   ticket_lifetime = 24h
   forwardable = yes
 
@@ -14,7 +18,9 @@
 <% @kerberos_kdc.each do |kdc| -%>
     kdc = <%= kdc %>
 <% end -%>
-    admin_server = <% if @kerberos_kadmin %><%= @kerberos_kadmin %><% else %><%= @kerberos_kdc[0] %><% end %>
+<% if @kerberos_kadmin -%>
+    admin_server = <%= @kerberos_kadmin %>
+<% end -%>
 <% if @kerberos_kpasswd -%>
     kpasswd_server = <%= @kerberos_kpasswd %>
 <% end -%>