SHARE
TWEET

krb5.conf

boubou Aug 4th, 2017 (edited) 50 in 74 days
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. # cat /etc/krb5.conf
  2. [libdefaults]
  3.   ticket_lifetime = 24h
  4.   default_realm = DOMAIN.QC.CA
  5.   dns_lookup_realm = false
  6.   dns_lookup_kdc = false
  7.   forwardable = true
  8.   default_tkt_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 rc4-hmac
  9.   default_tgs_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 rc4-hmac
  10.   permitted_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 rc4-hmac
  11.   #default_tkt_enctypes = aes128-cts-hmac-sha1-96 rc4-hmac
  12.   #default_tgs_enctypes = aes128-cts-hmac-sha1-96  rc4-hmac
  13.   #permitted_enctypes = aes128-cts-hmac-sha1-96 rc4-hmac
  14.  
  15. [realms]
  16.   DOMAIN.QC.CA = {
  17.   kdc = dc.domain.qc.ca
  18.   admin_server = dc.domain.qc.ca
  19.   default_domain = DOMAIN.QC.CA
  20.   }
  21.  
  22. [domain_realm]
  23.   .domain.qc.ca = DOMAIN.QC.CA
  24.   domain.qc.ca = DOMAIN.QC.CA
  25.  
  26. [kdc]
  27.   profile = /etc/krb5kdc/kdc.conf
  28.  
  29. [appdefaults]
  30.   pam = {
  31.   debug = false
  32.   ticket_lifetime = 36000
  33.   renew_lifetime = 36000
  34.   forwardable = true
  35.   krb4_convert = false
  36.   }
  37.  
  38. [logging]
  39.   kdc = FILE:/var/log/krb5kdc.log
  40.   admin_server = FILE:/var/log/kadmin.log
  41.   default = FILE:/var/log/krb5lib.log
RAW Paste Data
Top