Reverse lookup zones in the DNS for Kerberos/SPNEGO SSO
Configuring a reverse lookup zone in the Domain Name System (DNS) is standard practice for configuring Microsoft Active Directory.
If a reverse lookup zone is not configured, web clients might still be able to contact the server, but non-browser clients will not.
Adding a Reverse Lookup Zone describes how to add a reverse lookup zone entry in the DNS on the Microsoft Windows Server system. You must add a Pointer field that maps the IP address of the Active Directory server to a fully qualified domain name (FQDN) of the server as indicated by the forward DNS.