Configuration

Auto-Configuration of the Security Server

Auto-Configuration of the Security Server

An automated tool named, krbsetup, has been provided to auto-configure your Kerberos Server. Using this tool, you can configure; un-configure; start and stop the kdcd and the kadmind daemons.

This tool is installed at the following directory:

/opt/krb5/sbin

This tool will automatically create your krb.conf and krb.realms files and places them in the /opt/krb5 directory. This tool allows you:

specify whether you want to configure your Kerberos server as either a Primary security server or a Secondary security server

customize your realm name

enables you with the option of creating a stash file

allows you to specify the encryption type

The other sections in the configuration files will be set to it’s default values. If you want to customize these sections, you will have to manually edit the configuration files and restart the kdcd and kadmind daemons using this tool. This tool also allows you to customize the encryption type and stash file.

Refer to “Configuration Files For The Kerberos Server” on page 63, for more information.

NOTE

It is strongly recommend that you use this tool to configure your basic

 

Kerberos Server.

 

 

Given below is a step-wise procedure to auto-configure your Kerberos server:

Step 1. Run the utility, /opt/krb5/sbin/krbsetup

Step 2. Select one of the following options:

64

Chapter 5