(heimdal.info.gz) Configuration file
Info Catalog
(heimdal.info.gz) Setting up a realm
(heimdal.info.gz) Setting up a realm
(heimdal.info.gz) Creating the database
4.1 Configuration file
======================
To setup a realm you will first have to create a configuration file:
`/etc/krb5.conf'. The `krb5.conf' file can contain many configuration
options, some of which are described here.
There is a sample `krb5.conf' supplied with the distribution.
The configuration file is a hierarchical structure consisting of
sections, each containing a list of bindings (either variable
assignments or subsections). A section starts with `[`section-name']'.
A binding consists of a left hand side, an equal sign (`=') and a right
hand side (the left hand side tag must be separated from the equal sign
with some whitespace). Subsections have a `{' as the first
non-whitespace character after the equal sign. All other bindings are
treated as variable assignments. The value of a variable extends to the
end of the line.
[section1]
a-subsection = {
var = value1
other-var = value with {}
sub-sub-section = {
var = 123
}
}
var = some other value
[section2]
var = yet another value
In this manual, names of sections and bindings will be given as strings
separated by slashes (`/'). The `other-var' variable will thus be
`section1/a-subsection/other-var'.
For in-depth information about the contents of the configuration file,
refer to the `krb5.conf' manual page. Some of the more important
sections are briefly described here.
The `libdefaults' section contains a list of library configuration
parameters, such as the default realm and the timeout for KDC
responses. The `realms' section contains information about specific
realms, such as where they hide their KDC. This section serves the same
purpose as the Kerberos 4 `krb.conf' file, but can contain more
information. Finally the `domain_realm' section contains a list of
mappings from domains to realms, equivalent to the Kerberos 4
`krb.realms' file.
To continue with the realm setup, you will have to create a
configuration file, with contents similar to the following.
[libdefaults]
default_realm = MY.REALM
[realms]
MY.REALM = {
kdc = my.kdc my.slave.kdc
kdc = my.third.kdc
}
[domain_realm]
.my.domain = MY.REALM
If you use a realm name equal to your domain name, you can omit the
`libdefaults', and `domain_realm', sections. If you have a DNS
SRV-record for your realm, or your Kerberos server has DNS CNAME
`kerberos.my.realm', you can omit the `realms' section too.
Info Catalog
(heimdal.info.gz) Setting up a realm
(heimdal.info.gz) Setting up a realm
(heimdal.info.gz) Creating the database
automatically generated byinfo2html