Configuring the Kerberos Server With
You must install all the critical Kerberos server files on the system before you start configuring the Kerberos Server. You must configure these files on the primary security server and copy these files to all the secondary security servers on the network. Table
Table | Security Server Files That Require Configuration | |
|
|
|
| Configuration File | Function |
|
|
|
| /opt/krb5/krb.conf | Describes the default realm of the |
|
| primary security server and the |
|
| roles of each server for that |
|
| particular realm. |
|
|
|
| /opt/krb5/krb.realms | Provides a way to map the host |
|
| name or domain name to the |
|
| associated realm name. |
|
|
|
| /opt/krb5/admin_acl_file | Controls the administrative |
|
| permissions for administrators. See |
|
| |
|
| page 113 for more information. |
|
|
|
| /opt/krb5/password.policy | Controls password policy for the |
|
| entire security network. See |
|
| |
|
| for more information. |
|
|
|
| /opt/krb5/kpropd.ini | Contains the configuration |
|
| information that is used for |
|
| propagation. This is a text file. See |
|
| |
|
| more information. |
|
|
|
This chapter contains detailed descriptions of the krb.conf and krb.realms configuration files. If you have opted to configure LDAP as the backend, see “Planning Your LDAP Configuration” on page 83.
64 | Chapter 5 |