DOC HOME SITE MAP MAN PAGES GNU INFO SEARCH
 

(heimdal.info.gz) Configuration file

Info Catalog (heimdal.info.gz) Setting up a realm (heimdal.info.gz) Setting up a realm (heimdal.info.gz) Creating the database
 
 4.1 Configuration file
 ======================
 
 To setup a realm you will first have to create a configuration file:
 `/etc/krb5.conf'. The `krb5.conf' file can contain many configuration
 options, some of which are described here.
 
 There is a sample `krb5.conf' supplied with the distribution.
 
 The configuration file is a hierarchical structure consisting of
 sections, each containing a list of bindings (either variable
 assignments or subsections). A section starts with `[`section-name']'.
 A binding consists of a left hand side, an equal sign (`=') and a right
 hand side (the left hand side tag must be separated from the equal sign
 with some whitespace). Subsections have a `{' as the first
 non-whitespace character after the equal sign. All other bindings are
 treated as variable assignments. The value of a variable extends to the
 end of the line.
 
      [section1]
              a-subsection = {
                      var = value1
                      other-var = value with {}
                      sub-sub-section = {
                              var = 123
                      }
              }
              var = some other value
      [section2]
              var = yet another value
 
 In this manual, names of sections and bindings will be given as strings
 separated by slashes (`/'). The `other-var' variable will thus be
 `section1/a-subsection/other-var'.
 
 For in-depth information about the contents of the configuration file,
 refer to the `krb5.conf' manual page. Some of the more important
 sections are briefly described here.
 
 The `libdefaults' section contains a list of library configuration
 parameters, such as the default realm and the timeout for KDC
 responses. The `realms' section contains information about specific
 realms, such as where they hide their KDC. This section serves the same
 purpose as the Kerberos 4 `krb.conf' file, but can contain more
 information. Finally the `domain_realm' section contains a list of
 mappings from domains to realms, equivalent to the Kerberos 4
 `krb.realms' file.
 
 To continue with the realm setup, you will have to create a
 configuration file, with contents similar to the following.
 
      [libdefaults]
              default_realm = MY.REALM
      [realms]
              MY.REALM = {
                      kdc = my.kdc my.slave.kdc
                      kdc = my.third.kdc
              }
      [domain_realm]
              .my.domain = MY.REALM
 
 If you use a realm name equal to your domain name, you can omit the
 `libdefaults', and `domain_realm', sections. If you have a DNS
 SRV-record for your realm, or your Kerberos server has DNS CNAME
 `kerberos.my.realm', you can omit the `realms' section too.
 
Info Catalog (heimdal.info.gz) Setting up a realm (heimdal.info.gz) Setting up a realm (heimdal.info.gz) Creating the database
automatically generated byinfo2html