
Difference between revisions of "Krb5.conf"

Line 1: Line 1:
 
you can save it in /tmp/krb5.conf<br>
 
you can save it in /tmp/krb5.conf<br>
  +
  +
<pre>
  +
[libdefaults]
  +
default_realm = EXAMPLE.ORG
  +
# default_keytab_name = FILE:/home/haoqili/trunk/src/tests/kdc_realm2/sandbox/krb5kdc/krb5.keytab
  +
default_tkt_enctypes = des3-hmac-sha1 aes128-cts
  +
default_tgs_enctypes = des3-hmac-sha1 aes128-cts
  +
  +
[realms]
  +
# use "kdc = ..." if realm admins haven't put SRV records into DNS
  +
EXAMPLE.ORG = {
  +
admin_server = A.EXAMPLE.ORG
  +
# admin_server = localhost.localdomain:8886
  +
# kpasswd_server = localhost.localdomain:8887
  +
default_domain = EXAMPLE.ORG
  +
kdc = localhost.localdomain:8888
  +
database_module = LDAP
  +
}
  +
  +
[dbdefaults]
  +
# database_module = LDAP
  +
ldap_kerberos_container_dn = "cn=krbContainer,dc=example,dc=org"
  +
  +
[dbmodules]
  +
LDAP = {
  +
db_library = kldap
  +
ldap_kerberos_container_dn = "cn=krbContainer,dc=example,dc=org"
  +
ldap_kdc_dn = cn=admin,dc=example,dc=org
  +
ldap_kadmind_dn = cn=admin,dc=example,dc=org
  +
ldap_service_password_file = /tmp/krb5kdc/admin.stash
  +
# ldap_service_password_file = /usr/local/var/krb5kdc/admin.stash
  +
ldap_servers = ldapi:///
  +
}
  +
[domain_realm]
  +
# hamster-schnappi.mit.edu=EXAMPLE.ORG
  +
#h.com= EXAMPLE.ORG
  +
#.h.com= EXAMPLE.ORG
  +
  +
[logging]
  +
kdc = FILE:/tmp/mykdc.log
  +
default = FILE:/tmp/mykrb5.log
  +
admin_server = FILE:/tmp/myadmin.log
  +
#kdc = CONSOLE
  +
  +
</pre>
  +
  +
10:19, 17 August 2009 (EDT)10:19, 17 August 2009 (EDT)[[User:Haoqili|Haoqili]] 10:19, 17 August 2009 (EDT)
 
I saved it in /home/haoqili/trunk/src/tests/kdc_realm2/sandbox/krb5.conf
 
I saved it in /home/haoqili/trunk/src/tests/kdc_realm2/sandbox/krb5.conf
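Review bot: The added sample keeps the LDAP service password stash at `/tmp/krb5kdc/admin.stash` and sends all three `[logging]` targets to fixed names under `/tmp`, which is world-writable, and nothing in the listing says it is meant for a throwaway sandbox only. I would add a comment above `ldap_service_password_file`, for example `# sandbox only: keep admin.stash and the logs in a directory only the KDC account can access`. The two enctype lines also list `des3-hmac-sha1` ahead of `aes128-cts`; triple-DES is deprecated for Kerberos by RFC 8429, so a comment such as `# test realm only; normally leave default_*_enctypes unset` would keep readers from copying the list into a real deployment.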
   

Revision as of 10:19, 17 August 2009

You can save the following configuration as /tmp/krb5.conf:

[libdefaults]
    # Realm assumed when a principal is named without one.
    default_realm = EXAMPLE.ORG

    # Disabled: keytab location inside the author's test sandbox.
    #   default_keytab_name = FILE:/home/haoqili/trunk/src/tests/kdc_realm2/sandbox/krb5kdc/krb5.keytab

    # Session-key enctypes the client asks for in TGS and AS requests, in
    # preference order.
    # NOTE(review): des3-hmac-sha1 is triple-DES, deprecated for Kerberos by
    # RFC 8429, and it is listed ahead of aes128-cts. The MIT krb5.conf
    # documentation advises leaving both relations unset unless backward
    # compatibility requires them, because a stale list keeps clients from
    # using stronger enctypes after a library upgrade.
    default_tgs_enctypes = des3-hmac-sha1 aes128-cts
    default_tkt_enctypes = des3-hmac-sha1 aes128-cts

[realms]
# Per-realm server locations. An explicit "kdc = ..." entry is needed when the
# realm's administrators have not published SRV records in DNS.
    EXAMPLE.ORG = {
        # KDC on this host, listening on port 8888 rather than the standard 88.
        kdc = localhost.localdomain:8888

        # Host running the administration (kadmin) server.
        # NOTE(review): this names a different host than the local KDC above;
        # confirm that is intended for the sandbox.
        admin_server = A.EXAMPLE.ORG

        # Disabled local alternatives for the admin and password-change services:
        #   admin_server = localhost.localdomain:8886
        #   kpasswd_server = localhost.localdomain:8887

        # Domain appended when translating Kerberos 4 service principals.
        default_domain = EXAMPLE.ORG

        # Name of the [dbmodules] subsection that backs this realm's database.
        database_module = LDAP
    }

[dbdefaults]
# Fallback values for database modules that do not set them themselves.
    # DN of the LDAP container object under which the realm objects live.
    ldap_kerberos_container_dn = "cn=krbContainer,dc=example,dc=org"

    # Disabled: a default module name.
    #   database_module = LDAP

[dbmodules]
# Database module definitions; "LDAP" is the name a database_module relation refers to.
    LDAP = {
        # kldap is the LDAP KDB backend.
        db_library = kldap

        # ldapi:/// is LDAP over a local Unix-domain socket, so the bind and the
        # key data do not cross the network.
        ldap_servers = ldapi:///
        ldap_kerberos_container_dn = "cn=krbContainer,dc=example,dc=org"

        # Bind DNs used by krb5kdc and kadmind respectively.
        # NOTE(review): both daemons bind as cn=admin, which looks like the
        # directory's administrative DN; separate service DNs with rights
        # limited to the Kerberos container would follow least privilege --
        # confirm against the directory's ACLs.
        ldap_kdc_dn = cn=admin,dc=example,dc=org
        ldap_kadmind_dn = cn=admin,dc=example,dc=org

        # File holding the stashed passwords for the bind DNs above.
        # NOTE(review): /tmp is world-writable, so another local user could
        # create /tmp/krb5kdc first and control what is placed there.
        # Acceptable only for a throwaway sandbox; elsewhere keep the stash in
        # a directory only the KDC account can access, such as the disabled
        # path below.
        ldap_service_password_file = /tmp/krb5kdc/admin.stash
        #   ldap_service_password_file = /usr/local/var/krb5kdc/admin.stash
    }
[domain_realm]
# Host/domain-to-realm mappings. Every entry is disabled, so none is configured
# here. A name with a leading "." covers hosts under that domain; a name
# without it covers that exact host name.
#   hamster-schnappi.mit.edu = EXAMPLE.ORG
#   h.com = EXAMPLE.ORG
#   .h.com = EXAMPLE.ORG

[logging]
# Log destinations: "kdc" for krb5kdc, "admin_server" for kadmind, "default"
# for anything without its own entry.
# NOTE(review): fixed file names under world-writable /tmp can be pre-created
# or replaced by other local users, and KDC logs typically record principal
# names and client addresses. Fine for a sandbox; elsewhere log to a directory
# owned by the daemon's account.
    default = FILE:/tmp/mykrb5.log
    kdc = FILE:/tmp/mykdc.log
    admin_server = FILE:/tmp/myadmin.log

    # Disabled: log KDC messages to the console.
    #   kdc = CONSOLE

Haoqili, 10:19, 17 August 2009 (EDT): I saved my copy in /home/haoqili/trunk/src/tests/kdc_realm2/sandbox/krb5.conf; it differs from the listing above only in the path of the LDAP service password file.


[libdefaults]
    # Default realm for principals given without a realm part.
    default_realm = EXAMPLE.ORG

    # Disabled: sandbox keytab path.
    #   default_keytab_name = FILE:/home/haoqili/trunk/src/tests/kdc_realm2/sandbox/krb5kdc/krb5.keytab

    # Enctypes requested for service tickets (tgs) and initial tickets (tkt),
    # most preferred first.
    # NOTE(review): triple-DES (des3-hmac-sha1) is deprecated by RFC 8429 and
    # is preferred here over aes128-cts. Pinning these lists is discouraged by
    # the MIT documentation except for backward compatibility; treat the
    # values as specific to this test realm.
    default_tgs_enctypes = des3-hmac-sha1 aes128-cts
    default_tkt_enctypes = des3-hmac-sha1 aes128-cts

[realms]
# Give "kdc = ..." explicitly when the realm has no SRV records in DNS.
    EXAMPLE.ORG = {
        # Local KDC on port 8888 (the standard Kerberos port is 88).
        kdc = localhost.localdomain:8888

        # kadmin server host.
        # NOTE(review): not the same host as the KDC entry; confirm intent.
        admin_server = A.EXAMPLE.ORG

        # Disabled local endpoints for kadmin and password changes:
        #   admin_server = localhost.localdomain:8886
        #   kpasswd_server = localhost.localdomain:8887

        # Domain used when expanding Kerberos 4 service principal host names.
        default_domain = EXAMPLE.ORG

        # Refers to the subsection named LDAP under [dbmodules].
        database_module = LDAP
    }
[dbdefaults]
# Values used by any database module that does not override them.
    # Container DN for the Kerberos realm objects in the directory.
    ldap_kerberos_container_dn = "cn=krbContainer,dc=example,dc=org"

    # Disabled: default module name.
    #   database_module = LDAP

[dbmodules]
# One subsection per database module; this one is named LDAP.
    LDAP = {
        # LDAP KDB backend.
        db_library = kldap

        # Local Unix-domain socket transport: directory traffic stays on this host.
        ldap_servers = ldapi:///
        ldap_kerberos_container_dn = "cn=krbContainer,dc=example,dc=org"

        # DNs that krb5kdc and kadmind bind as.
        # NOTE(review): both use cn=admin, presumably the directory
        # administrator; dedicated, narrowly authorised service DNs would
        # limit what a compromised daemon can change -- confirm.
        ldap_kdc_dn = cn=admin,dc=example,dc=org
        ldap_kadmind_dn = cn=admin,dc=example,dc=org

        # Stash file with the passwords for the bind DNs above, kept in the
        # author's sandbox tree.
        # NOTE(review): the file is equivalent to the directory password;
        # check that it and its parent directories are readable only by the
        # account that runs the KDC.
        ldap_service_password_file = /home/haoqili/trunk/src/tests/kdc_realm2/sandbox/krb5kdc/admin.stash
        #   ldap_service_password_file = /usr/local/var/krb5kdc/admin.stash
    }
[domain_realm]
# No active mappings: all host/domain-to-realm entries below are disabled.
# A leading "." matches hosts inside the domain; without it the entry matches
# the exact name.
#   hamster-schnappi.mit.edu = EXAMPLE.ORG
#   h.com = EXAMPLE.ORG
#   .h.com = EXAMPLE.ORG

[logging]
# Where krb5kdc ("kdc"), kadmind ("admin_server") and everything else
# ("default") write their logs.
# NOTE(review): these are fixed names in world-writable /tmp, which other
# local users can pre-create or replace; suitable for a sandbox only. Use a
# log directory owned by the daemon's account otherwise.
    default = FILE:/tmp/mykrb5.log
    kdc = FILE:/tmp/mykdc.log
    admin_server = FILE:/tmp/myadmin.log

    # Disabled: console logging for the KDC.
    #   kdc = CONSOLE