diff options
| author | Timothy Pearson <[email protected]> | 2012-06-04 02:43:34 -0500 |
|---|---|---|
| committer | Timothy Pearson <[email protected]> | 2012-06-04 02:43:34 -0500 |
| commit | ffa65c885b78a8d783f9e8cd51cf7c0b751207f9 (patch) | |
| tree | 5265da262e38753ddad75c7b9a98fb9119dd9215 /confskel/heimdal | |
| parent | c39d52d4c9425c45394105bebdd6f2fac29569ee (diff) | |
| download | kcmldapcontroller-ffa65c885b78a8d783f9e8cd51cf7c0b751207f9.tar.gz kcmldapcontroller-ffa65c885b78a8d783f9e8cd51cf7c0b751207f9.zip | |
New realm now functions almost fully
Diffstat (limited to 'confskel/heimdal')
| -rw-r--r-- | confskel/heimdal/heimdal.defaults | 2 | ||||
| -rw-r--r-- | confskel/heimdal/kdc.conf | 16 | ||||
| -rw-r--r-- | confskel/heimdal/krb5.conf | 13 |
3 files changed, 11 insertions, 20 deletions
diff --git a/confskel/heimdal/heimdal.defaults b/confskel/heimdal/heimdal.defaults index 616f509..ce60dd5 100644 --- a/confskel/heimdal/heimdal.defaults +++ b/confskel/heimdal/heimdal.defaults @@ -2,7 +2,7 @@ START="yes" KDC_ENABLED="yes" -KDC_PARAMS="" +KDC_PARAMS="--config-file=/etc/heimdal-kdc/kdc.conf" KPASSWDD_ENABLED="yes" KPASSWDD_PARAMS="" diff --git a/confskel/heimdal/kdc.conf b/confskel/heimdal/kdc.conf index 62d6fb3..96f3a8d 100644 --- a/confskel/heimdal/kdc.conf +++ b/confskel/heimdal/kdc.conf @@ -1,8 +1,12 @@ [kdc] -logging = FILE:/var/log/heimdal-kdc.log -enable-pkinit = yes -pki-identity = FILE:/etc/trinity/ldap/tde-ca/public/@@@KDCSERVER@@@.pki.crt,/etc/trinity/ldap/tde-ca/private/@@@KDCSERVER@@@.pki.key -pki-anchors = FILE:/etc/trinity/ldap/tde-ca/anchors/tdeca.pem -pki-allow-proxy-certificate = false -acl_file = /etc/heimdal-kdc/kadmind.acl + logging = FILE:/var/log/heimdal-kdc.log + enable-pkinit = yes + pkinit_identity = FILE:/etc/trinity/ldap/tde-ca/public/@@@KDCSERVER@@@.pki.crt,/etc/trinity/ldap/tde-ca/private/@@@KDCSERVER@@@.pki.key + pkinit_anchors = FILE:/etc/trinity/ldap/tde-ca/anchors/tdeca.pem + pkinit_allow-proxy-certificate = false + acl_file = /etc/heimdal-kdc/kadmind.acl + database = { + dbname = ldap:@@@REALM_DCNAME@@@ + acl_file = /etc/heimdal-kdc/kadmind.acl + }
\ No newline at end of file diff --git a/confskel/heimdal/krb5.conf b/confskel/heimdal/krb5.conf index 9185177..e76a90f 100644 --- a/confskel/heimdal/krb5.conf +++ b/confskel/heimdal/krb5.conf @@ -1,8 +1,6 @@ [libdefaults] ticket_lifetime = 86400 default_realm = @@@REALM_UCNAME@@@ - default_etypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5 - default_etypes_des = des3-hmac-sha1 des-cbc-crc des-cbc-md5 [appdefaults] pkinit_anchors = FILE:/etc/trinity/ldap/tde-ca/anchors/tdeca.pem @@ -21,17 +19,6 @@ @@@REALM_LCNAME@@@ = @@@REALM_UCNAME@@@ .@@@REALM_LCNAME@@@ = @@@REALM_UCNAME@@@ -[kdc] - enable-pkinit = yes - pkinit_identity = FILE:/etc/trinity/ldap/tde-ca/public/@@@KDCSERVER@@@.pki.crt,/etc/trinity/ldap/tde-ca/private/@@@KDCSERVER@@@.pki.key - pkinit_anchors = FILE:/etc/trinity/ldap/tde-ca/anchors/tdeca.pem - pkinit_allow-proxy-certificate = false - - database = { - dbname = ldap:@@@REALM_DCNAME@@@ - acl_file = /etc/heimdal-kdc/kadmind.acl - } - [logging] kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmin.log |