Personal tools
You are here: Home Tools /etc/krb5.conf sample file
 
Document Actions

/etc/krb5.conf sample file

last modified 2007-02-19 05:20 PM

Click here to get the file

Size 3.3 kB - File type text/plain

File contents

[libdefaults]
	default_realm = <your AD Domain>

# The following krb5.conf variables are only for MIT Kerberos.
	krb4_config = /etc/krb.conf
	krb4_realms = /etc/krb.realms
	kdc_timesync = 1
	ccache_type = 4
	forwardable = true
	proxiable = true
# The following encryption type specification will be used by MIT Kerberos
# if uncommented.  In general, the defaults in the MIT Kerberos code 
# are correct and overriding these specifications only serves to disable
# new encryption types as they are added, creating interoperability problems.
#	default_tgs_enctypes = aes256-cts arcfour-hmac-md5 des3-hmac-sha1 des-cbc-crc des-cbc-md5
#	default_tkt_enctypes = aes256-cts arcfour-hmac-md5 des3-hmac-sha1 des-cbc-crc des-cbc-md5
#permitted_enctypes = aes256-cts arcfour-hmac-md5 des3-hmac-sha1 des-cbc-crc des-cbc-md5

# The following libdefaults parameters are only for Heimdal Kerberos.
	v4_instance_resolve = false
	v4_name_convert = {
		host = {
			rcmd = host
			ftp = ftp
		}
		plain = {
			something = something-else
		}
	}



[realms]

	<your AD Domain>  = {
		kdc = <DNS of your pdc>
		admin_server = <DNS of your pdc>
	}

	<your DNS domain>  = {
		kdc = <your pdc DNS name here>
		admin_server = <your pdc DNS name here>
	}

	ATHENA.MIT.EDU = {
		kdc = kerberos.mit.edu:88
		kdc = kerberos-1.mit.edu:88
		kdc = kerberos-2.mit.edu:88
		kdc = kerberos-3.mit.edu:88
		admin_server = kerberos.mit.edu
		default_domain = mit.edu
	}
	MEDIA-LAB.MIT.EDU = {
		kdc = kerberos.media.mit.edu
		admin_server = kerberos.media.mit.edu
	}
	ZONE.MIT.EDU = {
		kdc = casio.mit.edu
		kdc = seiko.mit.edu
		admin_server = casio.mit.edu
	}
	MOOF.MIT.EDU = {
		kdc = three-headed-dogcow.mit.edu:88
		kdc = three-headed-dogcow-1.mit.edu:88
		admin_server = three-headed-dogcow.mit.edu
	}
	CYGNUS.COM = {
		kdc = KERBEROS.CYGNUS.COM
		kdc = KERBEROS-1.CYGNUS.COM
		admin_server = KERBEROS.CYGNUS.COM
	}
	GREY17.ORG = {
		kdc = kerberos.grey17.org
		admin_server = kerberos.grey17.org
	}
	IHTFP.ORG = {
		kdc = kerberos.ihtfp.org
		admin_server = kerberos.ihtfp.org
	}
	GNU.ORG = {
		kdc = kerberos.gnu.org
		kdc = kerberos-2.gnu.org
		kdc = kerberos-3.gnu.org
		admin_server = kerberos.gnu.org
	}
	1TS.ORG = {
		kdc = kerberos.1ts.org
		admin_server = kerberos.1ts.org
	}
	GRATUITOUS.ORG = {
		kdc = kerberos.gratuitous.org
		admin_server = kerberos.gratuitous.org
	}
	DOOMCOM.ORG = {
		kdc = kerberos.doomcom.org
		admin_server = kerberos.doomcom.org
	}

	ANDREW.CMU.EDU = {
		kdc = vice28.fs.andrew.cmu.edu
		kdc = vice2.fs.andrew.cmu.edu
		kdc = vice11.fs.andrew.cmu.edu
		kdc = vice12.fs.andrew.cmu.edu
		admin_server = vice28.fs.andrew.cmu.edu
		default_domain = andrew.cmu.edu
	}
	CS.CMU.EDU = {
		kdc = kerberos.cs.cmu.edu
		kdc = kerberos-2.srv.cs.cmu.edu
		admin_server = kerberos.cs.cmu.edu
	}
	DEMENTIA.ORG = {
		kdc = kerberos.dementia.org
		kdc = kerberos2.dementia.org
		admin_server = kerberos.dementia.org
	}


[domain_realm]
	.drr.local=DRR.LOCAL
	drr.local=DRR.LOCAL
	.digitalrailroad=DIGITALRAILROAD
	digitalrailroad=DIGITALRAILROAD
	.mit.edu = ATHENA.MIT.EDU
	mit.edu = ATHENA.MIT.EDU
	.media.mit.edu = MEDIA-LAB.MIT.EDU
	media.mit.edu = MEDIA-LAB.MIT.EDU
	.whoi.edu = ATHENA.MIT.EDU
	whoi.edu = ATHENA.MIT.EDU
	.stanford.edu = stanford.edu
	stanford.edu = stanford.edu

[login]
	krb4_convert = true
	krb4_get_tickets = false
 
Powered by Plone CMS, the Open Source Content Management System

This site conforms to the following standards: