Reorganized repo to reflect packaging.

1 files changed, 42 insertions, 0 deletions

diff --git a/ipa-server/ipa-install/share/krb5.conf.template b/ipa-server/ipa-install/share/krb5.conf.template
new file mode 100644
index 000000000..23a247034
--- /dev/null
+++ b/ipa-server/ipa-install/share/krb5.conf.template
@@ -0,0 +1,42 @@
+[logging]
+ default = FILE:/var/log/krb5libs.log
+ kdc = FILE:/var/log/krb5kdc.log
+ admin_server = FILE:/var/log/kadmind.log
+
+[libdefaults]
+ default_realm = $REALM
+ dns_lookup_realm = true
+ dns_lookup_kdc = true
+ ticket_lifetime = 24h
+ forwardable = yes
+
+[realms]
+ $REALM = {
+  kdc = $FQDN:88
+  admin_server = $FQDN:749
+  default_domain = $DOMAIN
+}
+
+[domain_realm]
+ .$DOMAIN = $REALM
+ $DOMAIN = $REALM
+
+[appdefaults]
+ pam = {
+   debug = false
+   ticket_lifetime = 36000
+   renew_lifetime = 36000
+   forwardable = true
+   krb4_convert = false
+ }
+
+[dbmodules]
+  $REALM = {
+    db_library = kldap
+    ldap_servers = ldap://127.0.0.1/
+    ldap_kerberos_container_dn = cn=kerberos,$SUFFIX
+    ldap_kdc_dn = uid=kdc,cn=kerberos,$SUFFIX
+    ldap_kadmind_dn = uid=kdc,cn=kerberos,$SUFFIX
+    ldap_service_password_file = /var/kerberos/krb5kdc/ldappwd
+  }
+