NOTE
NOTE
Configuring the Kerberos Server With
Configuration Files for the Kerberos Server
The krb.realms file must contain sufficient entries to define the realm used by every service a client computer must access. You can create a krb.realms file that contains all the required entries for your enterprise.
If you support
The krb.realms file does not identify systems as primary or secondary security servers. It does not define the relationship between the primary and secondary security servers. These definitions exist in the krb.conf configuration file.
The krb.realms File FormatUse the format below to add entries in the krb.realms file. See Appendix C, “Sample krb.realms File,” on page 319to see how a sample krb.realms file looks.
Your_Primary_Security_Server Your_Realm_Name
.Your_Secondary_Security_Server Your_Realm_Name
*.Your_Domain_Name Your_Realm_Name
You can add entries to the file to identify various translations from host names to realm names. The order of the entries is insignificant.
Each entry in the file requires two fields that are separated either by a space or by a tab. The following format is generally used:
•The first field specifies a name. You can either specify a single host name or specify multiple host names with one entry using the wildcards . (period) or * (asterisk), respectively, as described in Table
•The second field specifies the associated realm. By convention, realm names must be in uppercase letters to visually distinguish realm names from domain names.
Realm names are case sensitive. You must type the correct case for the realm name if you are not following the uppercase convention.
Chapter 5 | 67 |