Diffstat (limited to 'files/usr/local/var')
-rw-r--r-- | files/usr/local/var/krb5kdc/kadm5.acl.idm_server | 2 | ||||
-rw-r--r-- | files/usr/local/var/krb5kdc/kdc.conf.idm_server | 23 |
2 files changed, 25 insertions, 0 deletions
diff --git a/files/usr/local/var/krb5kdc/kadm5.acl.idm_server b/files/usr/local/var/krb5kdc/kadm5.acl.idm_server
new file mode 100644
index 0000000..c2a454b
--- /dev/null
+++ b/files/usr/local/var/krb5kdc/kadm5.acl.idm_server
@@ -0,0 +1,2 @@
+*/admin@${realm} * * -maxlife 1h -postdateable
+${boxconf_username}@${realm} * * -maxlife 5m -postdateable
diff --git a/files/usr/local/var/krb5kdc/kdc.conf.idm_server b/files/usr/local/var/krb5kdc/kdc.conf.idm_server
new file mode 100644
index 0000000..ab16965
--- /dev/null
+++ b/files/usr/local/var/krb5kdc/kdc.conf.idm_server
@@ -0,0 +1,23 @@
+[realms]
+ ${realm} = {
+ database_module = openldap_ldapconf
+ key_stash_file = ${kdc_master_key_path}
+ max_life = ${kdc_max_life}
+ max_renewable_life = ${kdc_max_renewable_life}
+ default_principal_flags = +preauth
+ }
+
+[dbdefaults]
+ ldap_kerberos_container_dn = ${kdc_basedn}
+ ldap_kdc_sasl_mech = EXTERNAL
+ ldap_kadmind_sasl_mech = EXTERNAL
+ ldap_conns_per_server = 5
+
+[dbmodules]
+ openldap_ldapconf = {
+ ldap_servers = ${slapd_ldapi_uri}
+ db_library = kldap
+ }
+
+[logging]
+ default = SYSLOG |
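Review bot: The second entry in kadm5.acl gives `${boxconf_username}@${realm}` the `*` permission on target `*`, so the provisioning account can add, delete, modify and re-key every principal in the realm, including the `*/admin` ones. The trailing `-maxlife 5m -postdateable` restrictions only clamp attributes of principals that this account adds or modifies. They do not narrow which operations it may perform, and they do not shorten its own tickets. If the account only needs to enrol a known class of principals, consider replacing `* *` with the specific permission letters and a target pattern it actually requires. Either way, a `#` comment above each line would record the intent, for example `# restrictions apply to principals created or modified by this admin, not to the admin's own tickets`.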
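Review bot: The `${realm}` block in kdc.conf sets no `supported_enctypes` or `master_key_type`, so the key types for new principals and the master key fall back to the defaults of whichever krb5 build is installed. Those defaults differ between releases, so the deployed realm may accept weaker enctypes than intended on an older package. Pinning them next to `default_principal_flags = +preauth` would make the policy explicit and reviewable, e.g. `supported_enctypes = aes256-cts-hmac-sha1-96:normal aes128-cts-hmac-sha1-96:normal` and `master_key_type = aes256-cts-hmac-sha1-96`. A comment on `key_stash_file` stating the expected owner and mode of the stash file would also help, since this template does not show how that path is protected.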