43 lines
781 B
Plaintext
43 lines
781 B
Plaintext
$INCLUDES
|
|
|
|
[logging]
|
|
default = FILE:/var/log/krb5libs.log
|
|
kdc = FILE:/var/log/krb5kdc.log
|
|
admin_server = FILE:/var/log/kadmind.log
|
|
|
|
[libdefaults]
|
|
default_realm = $REALM
|
|
dns_lookup_realm = false
|
|
dns_lookup_kdc = true
|
|
rdns = false
|
|
ticket_lifetime = 24h
|
|
forwardable = true
|
|
udp_preference_limit = 0
|
|
$OTHER_LIBDEFAULTS
|
|
[realms]
|
|
$REALM = {
|
|
kdc = $FQDN:88
|
|
master_kdc = $FQDN:88
|
|
kpasswd_server = $FQDN:464
|
|
admin_server = $FQDN:749
|
|
default_domain = $DOMAIN
|
|
pkinit_anchors = FILE:$KDC_CA_BUNDLE_PEM
|
|
pkinit_pool = FILE:$CA_BUNDLE_PEM
|
|
}
|
|
|
|
[domain_realm]
|
|
.$DOMAIN = $REALM
|
|
$DOMAIN = $REALM
|
|
$FQDN = $REALM
|
|
$OTHER_DOMAIN_REALM_MAPS
|
|
[dbmodules]
|
|
$REALM = {
|
|
db_library = ipadb.so
|
|
}
|
|
|
|
[plugins]
|
|
certauth = {
|
|
module = ipakdb:kdb/ipadb.so
|
|
enable_only = ipakdb
|
|
}
|