A sample krb5.conf file is provided in the /opt/novell/kerberos/ directory. You can use the /etc/krb5.conf configuration file to set the default values. While managing Novell® Kerberos KDC, if you do not specify any of the mandatory parameters, the values specified in the /etc/krb5.conf file are used. This file looks similar to the following:
# Sample krb5.conf for the Novell Kerberos KDC, laid out one relation per line.
# ATHENA.MIT.EDU, mit.edu and the host names are sample values; substitute your
# own realm, domain and servers.

# default_realm: realm assumed when a principal is named without one.
[libdefaults]
    default_realm = ATHENA.MIT.EDU

# Per-realm settings.
# max_life / max_renewable_life cap ticket lifetime and renewal; shorter limits
# narrow the window in which a stolen ticket stays usable.
# acl_file decides which principals may administer the database, and dict_file
# lists strings rejected as passwords; keep both writable by the administrator only.
# database_module names the [dbmodules] subsection that serves this realm.
[realms]
    ATHENA.MIT.EDU = {
        max_life = 10h 0m 0s
        max_renewable_life = 7d 0h 0m 0s
        acl_file = /opt/novell/kerberos/kadm5.acl
        dict_file = /opt/novell/kerberos/kadm5.dict
        kdc = kerberos.mit.edu
        admin_server = kerberos-1.mit.edu
        kpasswd_server = kerberos-1.mit.edu
        database_module = ldapconf
    }

# Host-to-realm mapping: the entry with a leading dot covers every host inside
# the domain, the entry without it covers the host of exactly that name.
[domain_realm]
    .mit.edu = ATHENA.MIT.EDU
    mit.edu = ATHENA.MIT.EDU

# Log destination for each service.
# NOTE(review): these logs presumably record principal names and client
# addresses; confirm, and restrict read access to the log files accordingly.
[logging]
    kdc = FILE:/var/log/krb5kdc.log
    admin_server = FILE:/var/log/kadmind.log
    kpasswd_server = FILE:/var/log/kpasswdd.log

# NOTE(review): presumably the module used when a realm does not name one; confirm.
[dbdefaults]
    database_module = ldapconf

# Database back-end definitions.
# db_module_dir is where database plug-in libraries are looked up; code found
# there is loaded by the services, so only the administrator should be able to
# write to it.
# ldap_kdc_dn / ldap_kadmind_dn / ldap_kpasswdd_dn are the directory objects the
# services bind as; grant each only the directory rights its service needs.
# ldap_service_password_file holds the stashed passwords of those objects; make
# it readable only by the account that runs the services.
# ldap_root_certificate_file: presumably the trusted root used to validate the
# LDAP servers' certificates; confirm against the product documentation.
# ldap_servers is a space-separated list. Both entries use ldaps://, so binds and
# principal data cross the network under TLS; do not downgrade them to ldap://.
# ldap_conns_per_server: connections kept open to each LDAP server.
# realm_read_refresh_interval: presumably seconds; confirm the unit.
[dbmodules]
    db_module_dir = /opt/novell/kerberos/lib/
    ldapconf = {
        db_library = kldap
        ldap_kdc_dn = "cn=KDC Server - kerberos.mit.edu,o=mit"
        ldap_kadmind_dn = "cn=Admin Server - kerberos.mit.edu,o=mit"
        ldap_kpasswdd_dn = "cn=Passwd Server - kerberos.mit.edu,o=mit"
        ldap_root_certificate_file = /opt/novell/kerberos/Trustedroot.der
        ldap_service_password_file = /opt/novell/kerberos/keyfile
        realm_read_refresh_interval = 300
        ldap_servers = ldaps://ldap-server1.mit.edu ldaps://ldap-server2.mit.edu:1636
        ldap_conns_per_server = 2
    }