diff options
| author | Sumit Bose <sbose@redhat.com> | 2012-08-16 13:16:55 +0200 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2012-09-19 20:47:52 -0400 |
| commit | 6319660972367630e17e94b5b46cab75b2118f0f (patch) | |
| tree | f3718c110ff2fd9a3dd7d6fe262f2b11b647d693 /install | |
| parent | db2b5ef27f9894114a4a88c3a5e194fe11ccb5a1 (diff) | |
| download | freeipa.git-6319660972367630e17e94b5b46cab75b2118f0f.tar.gz freeipa.git-6319660972367630e17e94b5b46cab75b2118f0f.tar.xz freeipa.git-6319660972367630e17e94b5b46cab75b2118f0f.zip | |
Set master_kdc and dns_lookup_kdc to true
https://fedorahosted.org/freeipa/ticket/2515
Diffstat (limited to 'install')
| -rw-r--r-- | install/share/krb5.conf.template | 3 | ||||
| -rw-r--r-- | install/share/krb5.ini.template | 1 | ||||
| -rwxr-xr-x | install/tools/ipa-replica-conncheck | 3 |
3 files changed, 5 insertions, 2 deletions
diff --git a/install/share/krb5.conf.template b/install/share/krb5.conf.template index eda8ba6f..f8b1a6f0 100644 --- a/install/share/krb5.conf.template +++ b/install/share/krb5.conf.template @@ -6,7 +6,7 @@ [libdefaults] default_realm = $REALM dns_lookup_realm = false - dns_lookup_kdc = false + dns_lookup_kdc = true rdns = false ticket_lifetime = 24h forwardable = yes @@ -14,6 +14,7 @@ [realms] $REALM = { kdc = $FQDN:88 + master_kdc = $FQDN:88 admin_server = $FQDN:749 default_domain = $DOMAIN pkinit_anchors = FILE:/etc/ipa/ca.crt diff --git a/install/share/krb5.ini.template b/install/share/krb5.ini.template index 89f4a370..01cc1369 100644 --- a/install/share/krb5.ini.template +++ b/install/share/krb5.ini.template @@ -8,6 +8,7 @@ $REALM = {
admin_server = $FQDN
kdc = $FQDN
+ master_kdc = $FQDN
default_domain = $REALM
}
diff --git a/install/tools/ipa-replica-conncheck b/install/tools/ipa-replica-conncheck index 8e4536cf..169e9dc9 100755 --- a/install/tools/ipa-replica-conncheck +++ b/install/tools/ipa-replica-conncheck @@ -177,7 +177,7 @@ def configure_krb5_conf(realm, kdc, filename): #[libdefaults] libdefaults = [{'name':'default_realm', 'type':'option', 'value':realm}] libdefaults.append({'name':'dns_lookup_realm', 'type':'option', 'value':'false'}) - libdefaults.append({'name':'dns_lookup_kdc', 'type':'option', 'value':'false'}) + libdefaults.append({'name':'dns_lookup_kdc', 'type':'option', 'value':'true'}) libdefaults.append({'name':'rdns', 'type':'option', 'value':'false'}) libdefaults.append({'name':'ticket_lifetime', 'type':'option', 'value':'24h'}) libdefaults.append({'name':'forwardable', 'type':'option', 'value':'yes'}) @@ -188,6 +188,7 @@ def configure_krb5_conf(realm, kdc, filename): #the following are necessary only if DNS discovery does not work #[realms] realms_info =[{'name':'kdc', 'type':'option', 'value':ipautil.format_netloc(kdc, 88)}, + {'name':'master_kdc', 'type':'option', 'value':ipautil.format_netloc(kdc, 88)}, {'name':'admin_server', 'type':'option', 'value':ipautil.format_netloc(kdc, 749)}] realms = [{'name':realm, 'type':'subsection', 'value':realms_info}] |