Kerberos: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 15: | Line 15: | ||
== Testing == | == Testing == | ||
Query DNS for Kerberos servers. | |||
{{Root|host -t srv _kerberos._tcp.yourdomain.local}} | |||
Get Kerberos ticket for domainuser. | Get Kerberos ticket for domainuser. | ||
{{Root|kinit domainuser@YOURDOMAIN.LOCAL}} | {{Root|kinit domainuser@YOURDOMAIN.LOCAL}} | ||
List cached Kerberos tickets. | List cached Kerberos tickets. | ||
{{Root|klist}} | {{Root|klist}} | ||
Revision as of 12:54, 13 May 2013
Configuration is the same for heimdal or mit-krb5.
File: /etc/krb5.conf
[libdefauls]
default_realm = YOUR-DOMAIN.LOCAL
dns_lookup_realm = true
dns_lookup_kdc = true
ticket_lifetime = 24h
renew_lifetime = 7d
rdns = false
forwardable = yes
Testing
Query DNS for Kerberos servers.
# host -t srv _kerberos._tcp.yourdomain.local
Get Kerberos ticket for domainuser.
# kinit domainuser@YOURDOMAIN.LOCAL
List cached Kerberos tickets.
# klist