blob: 7fa50c3c1e59bb079624a7d2ce12493d6962178f (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
[libdefaults]
default_realm = ${realm}
dns_lookup_kdc = true
dns_lookup_realm = false
allow_weak_crypto = false
permitted_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96
default_keytab_name = FILE:/var/krb5/user/%{euid}/keytab
default_client_keytab_name = FILE:/var/krb5/user/%{euid}/client.keytab
forwardable = true
ticket_lifetime = ${krb5_ticket_lifetime}
renew_lifetime = ${krb5_renew_lifetime}
[appdefaults]
pam = {
minimum_uid = 1000
ccache = FILE:/tmp/krb5cc_%u_XXXXXX
}
[realms]
${realm} = {
$(for host in $ldap_hosts; do echo "\
admin_server = ${host}"; done)
default_domain = ${domain}
}
[domain_realm]
.${domain} = ${realm}
${domain} = ${realm}
|
