Write out remaining appdefaults entries on client

author: Timothy Pearson <[email protected]> 2015-09-29 15:32:39 -0500
committer: Timothy Pearson <[email protected]> 2015-09-29 15:32:39 -0500
commit: 7ebf958b1051f6a4034b68f25c20226b6d6e22fa (patch)
tree: 2b1b4f0e5d758f7bb3937045c4736cd9e5f8383a /src/libtdeldap.cpp
parent: 53a442c926a03e8cbd6b901679b9c658ee29e02f (diff)
download: libtdeldap-7ebf958b1051f6a4034b68f25c20226b6d6e22fa.tar.gz
libtdeldap-7ebf958b1051f6a4034b68f25c20226b6d6e22fa.zip
1 files changed, 6 insertions, 3 deletions
diff --git a/src/libtdeldap.cpp b/src/libtdeldap.cpp
index 7543268..e9961ed 100644
--- a/src/libtdeldap.cpp
+++ b/src/libtdeldap.cpp
@@ -4904,10 +4904,13 @@ int LDAPManager::writeClientKrb5ConfFile(LDAPClientRealmConfig clientRealmConfig
 			ldap_certfile.replace("@@@ADMINSERVER@@@", realmcfg.admin_server);
 			ldap_crlfile.replace("@@@ADMINSERVER@@@", realmcfg.admin_server);
 
-			stream << "	pkinit_anchors = FILE:" << ldap_certfile << "\n";
-			stream << "	pkinit_revoke = FILE:" << ldap_crlfile << "\n";
+			stream << "    pkinit_anchors = FILE:" << ldap_certfile << "\n";
+			stream << "    pkinit_revoke = FILE:" << ldap_crlfile << "\n";
 		}
-		stream << "	pkinit_require_crl_checking = true\n";
+		stream << "    pkinit_require_crl_checking = true\n";
+		stream << "    pam = {\n";
+		stream << "        pkinit_user = PKCS11:" << TDECryptographicCardDevice::pkcsProviderLibrary() << "\n";
+		stream << "    }\n";
 		stream << "\n";
 
 		// Defaults
author	Timothy Pearson <[email protected]>	2015-09-29 15:32:39 -0500
committer	Timothy Pearson <[email protected]>	2015-09-29 15:32:39 -0500
commit	7ebf958b1051f6a4034b68f25c20226b6d6e22fa (patch)
tree	2b1b4f0e5d758f7bb3937045c4736cd9e5f8383a /src/libtdeldap.cpp
parent	53a442c926a03e8cbd6b901679b9c658ee29e02f (diff)
download	libtdeldap-7ebf958b1051f6a4034b68f25c20226b6d6e22fa.tar.gz libtdeldap-7ebf958b1051f6a4034b68f25c20226b6d6e22fa.zip