A sample krb5.conf file is provided in the /opt/novell/kerberos/ directory. You can use the /etc/krb5.conf configuration file to set the default values. If you do not specify any of the mandatory parameters while managing the NovellĀ® Kerberos KDC, the values are taken from the /etc/krb5.conf file. This file looks similar to the following:
[libdefaults]
default_realm = ATHENA.MIT.EDU
[realms]
ATHENA.MIT.EDU = {
max_life = 10h 0m 0s
max_renewable_life = 7d 0h 0m 0s
acl_file = /opt/novell/kerberos/kadm5.acl
dict_file = /opt/novell/kerberos/kadm5.dict
kdc = kerberos.mit.edu
admin_server = kerberos-1.mit.edu
kpasswd_server = kerberos-1.mit.edu
database_module = ldapconf
}
[domain_realm]
.mit.edu = ATHENA.MIT.EDU
mit.edu = ATHENA.MIT.EDU
[logging]
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
kpasswd_server = FILE:/var/log/kpasswdd.log
[dbdefaults]
database_module = ldapconf
[dbmodules]
db_module_dir = /opt/novell/kerberos/lib
ldapconf = {
db_library = kldap
ldap_kdc_dn = "cn=KDC Server - kerberos.mit.edu,o=mit"
ldap_kadmind_dn = "cn=Admin Server -kerberos.mit.edu,o=mit"
ldap_kpasswdd_dn = "cn=Passwd Server - kerberos.mit.edu,o=mit"
ldap_root_certificate_file = /opt/novell/kerberos/TrustedRoot-ldap-server1.mit.edu.der
ldap_service_password_file = /opt/novell/kerberos/keyfile
ldap_servers = ldaps://dap-server1.mit.edu ldaps://ldap-server2.mit.edu:1636
ldap_conns_per_server = 5
}