Difference between revisions of "Krb5.conf"

Latest revision as of 10:55, 18 August 2009

save it in /tmp/krb5.conf

[libdefaults]
        default_realm = EXAMPLE.ORG
        default_tkt_enctypes = des3-hmac-sha1 aes128-cts
        default_tgs_enctypes = des3-hmac-sha1 aes128-cts

[realms]
        EXAMPLE.ORG = {
                admin_server = A.EXAMPLE.ORG
                default_domain = EXAMPLE.ORG
                kdc = localhost.localdomain:8888
                database_module = LDAP
        }

[dbdefaults]
        ldap_kerberos_container_dn = "cn=krbContainer,dc=example,dc=org"

[dbmodules]
        LDAP = {
        db_library = kldap
        ldap_kerberos_container_dn = "cn=krbContainer,dc=example,dc=org"
        ldap_kdc_dn = cn=admin,dc=example,dc=org
        ldap_kadmind_dn = cn=admin,dc=example,dc=org
        ldap_service_password_file = /tmp/krb5kdc/admin.stash
        ldap_servers = ldapi:///
        }
[domain_realm]

[logging]
        kdc = FILE:/tmp/kdc_fromkrb.log
        default = FILE:/tmp/krb5.log
        admin_server = FILE:/tmp/admin.log

/tmp/krb5_template.conf

[libdefaults]
        default_realm = EXAMPLE.ORG
        default_tkt_enctypes = des3-hmac-sha1 aes128-cts
        default_tgs_enctypes = des3-hmac-sha1 aes128-cts

[realms]
        EXAMPLE.ORG = {
                admin_server = A.EXAMPLE.ORG
                default_domain = EXAMPLE.ORG
                kdc = %(localFQDN)s:8888
                database_module = LDAP
        }

[dbdefaults]
        ldap_kerberos_container_dn = "cn=krbContainer,dc=example,dc=org"

[dbmodules]
        LDAP = {
        db_library = kldap
        ldap_kerberos_container_dn = "cn=krbContainer,dc=example,dc=org"
        ldap_kdc_dn = cn=admin,dc=example,dc=org
        ldap_kadmind_dn = cn=admin,dc=example,dc=org
        ldap_service_password_file = /tmp/krb5kdc/admin.stash
        ldap_servers = ldapi:///
        }
[domain_realm]

[logging]
        kdc = FILE:/tmp/kdc_fromkrb.log
        default = FILE:/tmp/krb5.log
        admin_server = FILE:/tmp/admin.log

@@ Line 1: / Line 1: @@
-you can save it in /tmp/krb5.conf<br>
+save it in /tmp/krb5.conf<br>
 <pre>
 [libdefaults]
         default_realm = EXAMPLE.ORG
-#       default_keytab_name = FILE:/home/haoqili/trunk/src/tests/kdc_realm2/sandbox/krb5kdc/krb5.keytab
         default_tkt_enctypes = des3-hmac-sha1 aes128-cts
         default_tgs_enctypes = des3-hmac-sha1 aes128-cts
 [realms]
-# use "kdc = ..." if realm admins haven't put SRV records into DNS
         EXAMPLE.ORG = {
                 admin_server = A.EXAMPLE.ORG
-                # admin_server = localhost.localdomain:8886
-#               kpasswd_server = localhost.localdomain:8887
                 default_domain = EXAMPLE.ORG
                 kdc = localhost.localdomain:8888
@@ Line 20: / Line 16: @@
 [dbdefaults]
-#       database_module = LDAP
         ldap_kerberos_container_dn = "cn=krbContainer,dc=example,dc=org"
@@ Line 30: / Line 25: @@
         ldap_kadmind_dn = cn=admin,dc=example,dc=org
         ldap_service_password_file = /tmp/krb5kdc/admin.stash
-        # ldap_service_password_file = /usr/local/var/krb5kdc/admin.stash
         ldap_servers = ldapi:///
         }
 [domain_realm]
-#       hamster-schnappi.mit.edu=EXAMPLE.ORG
-        #h.com= EXAMPLE.ORG
-        #.h.com= EXAMPLE.ORG
 [logging]
-        kdc = FILE:/tmp/mykdc.log
+        kdc = FILE:/tmp/kdc_fromkrb.log
-        default = FILE:/tmp/mykrb5.log
+        default = FILE:/tmp/krb5.log
-        admin_server = FILE:/tmp/myadmin.log
+        admin_server = FILE:/tmp/admin.log
-        #kdc = CONSOLE
 </pre>
-:19, 17 August 2009 (EDT)10:19, 17 August 2009 (EDT)[[User:Haoqili|Haoqili]] 10:19, 17 August 2009 (EDT)
+==/tmp/krb5_template.conf==
-I saved it in /home/haoqili/trunk/src/tests/kdc_realm2/sandbox/krb5.conf
 <pre>
 [libdefaults]
         default_realm = EXAMPLE.ORG
-#       default_keytab_name = FILE:/home/haoqili/trunk/src/tests/kdc_realm2/sandbox/krb5kdc/krb5.keytab
         default_tkt_enctypes = des3-hmac-sha1 aes128-cts
         default_tgs_enctypes = des3-hmac-sha1 aes128-cts
 [realms]
-# use "kdc = ..." if realm admins haven't put SRV records into DNS
         EXAMPLE.ORG = {
                 admin_server = A.EXAMPLE.ORG
-                # admin_server = localhost.localdomain:8886
-#               kpasswd_server = localhost.localdomain:8887
                 default_domain = EXAMPLE.ORG
-                kdc = localhost.localdomain:8888
+                kdc = %(localFQDN)s:8888
                 database_module = LDAP
         }
 [dbdefaults]
-#       database_module = LDAP
         ldap_kerberos_container_dn = "cn=krbContainer,dc=example,dc=org"
@@ Line 75: / Line 59: @@
         ldap_kdc_dn = cn=admin,dc=example,dc=org
         ldap_kadmind_dn = cn=admin,dc=example,dc=org
-        ldap_service_password_file = /home/haoqili/trunk/src/tests/kdc_realm2/sandbox/krb5kdc/admin.stash
+        ldap_service_password_file = /tmp/krb5kdc/admin.stash
-        # ldap_service_password_file = /usr/local/var/krb5kdc/admin.stash
         ldap_servers = ldapi:///
         }
 [domain_realm]
-#       hamster-schnappi.mit.edu=EXAMPLE.ORG
-        #h.com= EXAMPLE.ORG
-        #.h.com= EXAMPLE.ORG
 [logging]
-        kdc = FILE:/tmp/mykdc.log
+        kdc = FILE:/tmp/kdc_fromkrb.log
-        default = FILE:/tmp/mykrb5.log
+        default = FILE:/tmp/krb5.log
-        admin_server = FILE:/tmp/myadmin.log
+        admin_server = FILE:/tmp/admin.log
-        #kdc = CONSOLE
 </pre>

Difference between revisions of "Krb5.conf"

Latest revision as of 10:55, 18 August 2009

/tmp/krb5_template.conf

Navigation menu

Views

Personal tools

Navigation

Search

Tools