27 lines
855 B
Text
27 lines
855 B
Text
|
|
[kdcdefaults]
|
|
kdc_ports = 88
|
|
kdc_tcp_ports = 88
|
|
|
|
[realms]
|
|
<%= kerberos_realm %> = {
|
|
database_module = ldap.<%= kerberos_realm.downcase %>
|
|
key_stash_file = /srv/kerberos/.k5.<%= kerberos_realm %>
|
|
max_life = 24h 0m 0s
|
|
max_renewable_life = 7d 0h 0m 0s
|
|
master_key_type = aes256-cts-hmac-sha1-96
|
|
supported_enctypes = aes256-cts-hmac-sha1-96:normal
|
|
}
|
|
|
|
[dbdefaults]
|
|
ldap_kerberos_container_dn = "ou=system,<%= ldap_basedn %>"
|
|
|
|
[dbmodules]
|
|
ldap.<%= kerberos_realm.downcase %> = {
|
|
db_library = kldap
|
|
ldap_kerberos_container_dn = ou=system,<%= ldap_basedn %>
|
|
ldap_kdc_dn = "uid=krb5admin,ou=system,<%= ldap_basedn %>"
|
|
ldap_kadmind_dn = "uid=krb5admin,ou=system,<%= ldap_basedn %>"
|
|
ldap_service_password_file = "/srv/kerberos/.ldap.<%= kerberos_realm %>"
|
|
ldap_servers = "<%= ldap_server.join(" ") %>"
|
|
}
|