diff options
author | Greg Hudson <ghudson@mit.edu> | 2013-08-07 15:48:36 -0400 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2013-08-15 12:39:58 -0400 |
commit | 2721a662a3d88601bff991599928c1566be7485a (patch) | |
tree | 494052fe33335b21f954953496a2a25386ae52f4 /doc/admin/conf_files | |
parent | 7ad5f3bfd8b57d2f4c001182792e25968309ca8a (diff) | |
download | krb5-2721a662a3d88601bff991599928c1566be7485a.tar.gz krb5-2721a662a3d88601bff991599928c1566be7485a.tar.xz krb5-2721a662a3d88601bff991599928c1566be7485a.zip |
Document hostrealm interface
ticket: 7687
Diffstat (limited to 'doc/admin/conf_files')
-rw-r--r-- | doc/admin/conf_files/krb5_conf.rst | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/doc/admin/conf_files/krb5_conf.rst b/doc/admin/conf_files/krb5_conf.rst index 40630277b9..6fa94e7c81 100644 --- a/doc/admin/conf_files/krb5_conf.rst +++ b/doc/admin/conf_files/krb5_conf.rst @@ -743,6 +743,32 @@ built-in modules exist for these interfaces: **encrypted_timestamp** This module implements the encrypted timestamp mechanism. +.. _hostrealm: + +hostrealm interface +################### + +The hostrealm section (introduced in release 1.12) controls modules +for the host-to-realm interface, which affects the local mapping of +hostnames to realm names and the choice of default realm. The following +built-in modules exist for this interface: + +**profile** + This module consults the [domain_realm] section of the profile for + authoritative host-to-realm mappings, and the **default_realm** + variable for the default realm. + +**dns** + This module looks for DNS records for fallback host-to-realm + mappings and the default realm. It only operates if the + **dns_lookup_realm** variable is set to true. + +**domain** + This module applies heuristics for fallback host-to-realm + mappings. It implements the **realm_try_domains** variable, and + uses the uppercased parent domain of the hostname if that does not + produce a result. + .. _localauth: localauth interface |