finish up idm_server hostclass

author: Cullum Smith <cullum@sacredheartsc.com> 2024-09-24 22:35:45 -0400
committer: Cullum Smith <cullum@sacredheartsc.com> 2024-09-24 22:35:45 -0400
commit: 6e00c9e8137aae1fb8dd568a62d9fb5fc4a277cb (patch)
tree: 9279f7a330affbb5da6a1f147739b8dfd92d4a19 /files/usr/local/var/krb5kdc/kdc.conf.idm_server
parent: d9c18b3fcb9b036b6cdf69397828b59ab4c53091 (diff)
download: infrastructure-6e00c9e8137aae1fb8dd568a62d9fb5fc4a277cb.tar.gz
1 files changed, 23 insertions, 0 deletions
diff --git a/files/usr/local/var/krb5kdc/kdc.conf.idm_server b/files/usr/local/var/krb5kdc/kdc.conf.idm_server
new file mode 100644
index 0000000..ab16965
--- /dev/null
+++ b/files/usr/local/var/krb5kdc/kdc.conf.idm_server
@@ -0,0 +1,23 @@
+[realms]
+  ${realm} = {
+    database_module = openldap_ldapconf
+    key_stash_file = ${kdc_master_key_path}
+    max_life = ${kdc_max_life}
+    max_renewable_life = ${kdc_max_renewable_life}
+    default_principal_flags = +preauth
+  }
+
+[dbdefaults]
+  ldap_kerberos_container_dn = ${kdc_basedn}
+  ldap_kdc_sasl_mech = EXTERNAL
+  ldap_kadmind_sasl_mech = EXTERNAL
+  ldap_conns_per_server = 5
+
+[dbmodules]
+  openldap_ldapconf = {
+    ldap_servers = ${slapd_ldapi_uri}
+    db_library = kldap
+  }
+
+[logging]
+  default = SYSLOG
author	Cullum Smith <cullum@sacredheartsc.com>	2024-09-24 22:35:45 -0400
committer	Cullum Smith <cullum@sacredheartsc.com>	2024-09-24 22:35:45 -0400
commit	6e00c9e8137aae1fb8dd568a62d9fb5fc4a277cb (patch)
tree	9279f7a330affbb5da6a1f147739b8dfd92d4a19 /files/usr/local/var/krb5kdc/kdc.conf.idm_server
parent	d9c18b3fcb9b036b6cdf69397828b59ab4c53091 (diff)
download	infrastructure-6e00c9e8137aae1fb8dd568a62d9fb5fc4a277cb.tar.gz