Configuring the Kerberos Server with LDAP
Configuration Files for LDAP Integration
Table | krb5_ldap.conf File Format (Continued) | |
|
|
|
| Parameter | Description |
|
|
|
| directory_server | This line indicates a space |
|
| separated list of LDAP Servers. |
|
| Example: fox.bambi.com:389 |
|
| deer.bambi.com |
|
|
|
| base_dn_for_search | This line indicates the default |
|
| base DN for search is the root of |
|
| the directory tree on the Directory |
|
| server, where the Kerberos server |
|
| searches for kerberos principals. |
|
| Example: ou=People, |
|
| o=bambi.com |
|
|
|
| default_princ_subtree | The default principal subtree DN |
|
| is where all Kerberos principals |
|
| are added by default, if no LDAP |
|
| entry is specified while creating |
|
| the kerberos principal. The |
|
| default principal subtree DN must |
|
| be located under the default base |
|
| DN for search functionality. |
|
| Example: ou=people, |
|
| o=bambi.com |
|
|
|
| security_mech | This line specifies the security |
|
| mechanism used to connect to the |
|
| LDAP server. Currently, the |
|
| supported mechanisms are |
|
| Password and Secure Sockets |
|
| Layer (SSL). |
|
|
|
| default_object_template | This line specifies the structural |
|
| class, which is added by default. |
|
| Example: posixaccount |
|
|
|
76 | Chapter 6 |