Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [libdefaults]
- default_realm = DOMAIN.DOM
- # The following krb5.conf variables are only for MIT Kerberos.
- krb4_config = /etc/krb.conf
- krb4_realms = /etc/krb.realms
- kdc_timesync = 1
- ccache_type = 4
- forwardable = true
- proxiable = true
- ticket_lifetime = 24h
- dns_lookup_realm = false
- dns_lookup_kdc = false
- # The following encryption type specification will be used by MIT Kerberos
- # if uncommented. In general, the defaults in the MIT Kerberos code are
- # correct and overriding these specifications only serves to disable new
- # encryption types as they are added, creating interoperability problems.
- #
- # Thie only time when you might need to uncomment these lines and change
- # the enctypes is if you have local software that will break on ticket
- # caches containing ticket encryption types it doesn't know about (such as
- # old versions of Sun Java).
- # default_tgs_enctypes = des3-hmac-sha1
- # default_tkt_enctypes = des3-hmac-sha1
- # permitted_enctypes = des3-hmac-sha1
- # The following libdefaults parameters are only for Heimdal Kerberos.
- v4_instance_resolve = false
- v4_name_convert = {
- host = {
- rcmd = host
- ftp = ftp
- }
- plain = {
- something = something-else
- }
- }
- fcc-mit-ticketflags = true
- [realms]
- DOMAIN.DOM = {
- kdc = dc.domain.dom
- admin_server = dc.domain.dom
- default_domain = DOMAIN.DOM
- }
- [domain_realm]
- domain.dom = DOMAIN.DOM
- .domain.dom = DOMAIN.DOM
- [login]
- krb4_get_tickets = false
- krb4_convert = false
- [appdefaults]
- pam = {
- debug = false
- ticket_lifetime = 36000
- renew__lifetime = 36000
- forwardable = true
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement