Kerberos: Difference between revisions

From Q
Jump to navigation Jump to search
← Older editNewer edit →
Tgurr (talk | contribs)
1,619 edits
No edit summary
Tgurr (talk | contribs)
1,619 edits
No edit summary
Line 3: Line 3:
{{File|/etc/krb5.conf|
{{File|/etc/krb5.conf|
<pre>
<pre>
[libdefaults]
[libdefauls]
        ticket_lifetime = 600
    default_realm = YOUR-DOMAIN.LOCAL
        default_realm = YOURDOMAIN.LOCAL
    dns_lookup_realm = true
 
    dns_lookup_kdc = true
[realms]
    ticket_lifetime = 24h
        YOURDOMAIN.LOCAL = {
    renew_lifetime = 7d
                kdc = domaincontroller.yourdomain.local:88
    rdns = false
                admin_server = domaincontroller.yourdomain.local:464
    forwardable = yes
        }
 
[domain_realm]
        .yourdomain.local = YOURDOMAIN.LOCAL
 
#[kdc]
#        profile = /etc/krb5kdc/kdc.conf
#
#[logging]
#        default = SYSLOG:NOTICE:DAEMON
#        kdc = FILE:/var/log/krb5kdc.log
#        admin_server = FILE:/var/log/kadmin.log
#        default = FILE:/var/log/krb5lib.log
</pre>
</pre>
}}
}}

Revision as of 12:01, 13 May 2013

Configuration is the same for heimdal or mit-krb5.

File: /etc/krb5.conf
[libdefauls]
    default_realm = YOUR-DOMAIN.LOCAL
    dns_lookup_realm = true
    dns_lookup_kdc = true
    ticket_lifetime = 24h
    renew_lifetime = 7d
    rdns = false
    forwardable = yes
Retrieved from "https://q-old.deltaquadrant.org/index.php?title=Kerberos&oldid=3581"