summaryrefslogtreecommitdiffstats
path: root/install/share/krb5.conf.template
diff options
context:
space:
mode:
Diffstat (limited to 'install/share/krb5.conf.template')
-rw-r--r--install/share/krb5.conf.template42
1 files changed, 42 insertions, 0 deletions
diff --git a/install/share/krb5.conf.template b/install/share/krb5.conf.template
new file mode 100644
index 00000000..b81cedfe
--- /dev/null
+++ b/install/share/krb5.conf.template
@@ -0,0 +1,42 @@
+[logging]
+ default = FILE:/var/log/krb5libs.log
+ kdc = FILE:/var/log/krb5kdc.log
+ admin_server = FILE:/var/log/kadmind.log
+
+[libdefaults]
+ default_realm = $REALM
+ dns_lookup_realm = true
+ dns_lookup_kdc = true
+ ticket_lifetime = 24h
+ forwardable = yes
+
+[realms]
+ $REALM = {
+ kdc = $FQDN:88
+ admin_server = $FQDN:749
+ default_domain = $DOMAIN
+}
+
+[domain_realm]
+ .$DOMAIN = $REALM
+ $DOMAIN = $REALM
+
+[appdefaults]
+ pam = {
+ debug = false
+ ticket_lifetime = 36000
+ renew_lifetime = 36000
+ forwardable = true
+ krb4_convert = false
+ }
+
+[dbmodules]
+ $REALM = {
+ db_library = kldap
+ ldap_servers = ldap://127.0.0.1/
+ ldap_kerberos_container_dn = cn=kerberos,$SUFFIX
+ ldap_kdc_dn = uid=kdc,cn=sysaccounts,cn=etc,$SUFFIX
+ ldap_kadmind_dn = uid=kdc,cn=sysaccounts,cn=etc,$SUFFIX
+ ldap_service_password_file = /var/kerberos/krb5kdc/ldappwd
+ }
+
generated by cgit (git 2.34.1) at 2024-05-02 13:09:00 +0000