Configuring the Kerberos Server With
Configuration Files for the Kerberos Server
The krb.conf File
The krb.conf configuration file contains information about the default realm of the host, the administration server, and security servers for known realms. HP recommends that you copy the krb.conf.sample file from the /opt/krb5/examples directory to the /opt/krb5 directory.
This file must reside in the /opt/krb5 directory and must have the following permissions:
The configuration file identifies the servers that support authentication for the designated realm, and defines the default realm for the host where the file is stored.
The krb.conf file lists the default realm of the host system. It also maps known realms to their primary and secondary security servers by host name, and network location.
Assuming that your network environment performs
The krb.conf file is used during propagation configuration. The realm specified in the first line of the configuration file is considered as the default realm of the server. This has to be the first realm created in the database containing the K/M principal.
The krb.conf File FormatUse the format shown below to create an entry in the krb.conf file. See Appendix B, “Sample krb.conf File,” on page 315 to see how a sample krb.conf file looks.
Your_Realm_Name
Your_Realm_Name Your_Secondary_Server1
Your_Realm_Name Your_Secondary_Server2
Your_Realm_Name your_primary_server admin server
The first line of the krb.conf file identifies the host system’s default realm. By convention, realm names are in uppercase letters to visually distinguish them from domain names.
Chapter 5 | 65 |