aboutsummaryrefslogtreecommitdiff
path: root/files/etc/krb5.conf.common
blob: 7eed6d200223cc3379905d08f19d47271de3a816 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
[libdefaults]
  default_realm = ${realm}
  dns_lookup_kdc = true
  dns_lookup_realm = false
  allow_weak_crypto = false
  permitted_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96
  default_keytab_name = FILE:/var/krb5/user/%{euid}/keytab
  default_client_keytab_name = FILE:/var/krb5/user/%{euid}/client.keytab

[appdefaults]
  pam = {
    minimum_uid = 1000
    ccache = FILE:/tmp/krb5cc_%u_XXXXXX
    forwardable = true
    ticket_lifetime = ${krb5_ticket_lifetime}
    renew_lifetime = ${krb5_renew_lifetime}
  }

[realms]
  ${realm} = {
$(for host in $ldap_hosts; do echo "\
    admin_server = ${host}"; done)
    default_domain = ${domain}
  }

[domain_realm]
  .${domain} = ${realm}
  ${domain}  = ${realm}