Configuration

Sample krb.realms

NOTE

NOTE

Sample krb.realms

The sample krb.realms file named krb.realms.sample is available in the /opt/krb5/examples directory. Copy this sample file and modify it to reflect your realm name. This file should be copied to the following location:

/opt/krb5

The realm names are case sensitive.

Replace the underlined Your_Realm_Name,

Your_Primary_Security_Server, Your_Secondary_Server_Server and Your_Domain_Name with the name of your Kerberos REALM, primary and secondary servers hostnames.

Your_Primary_Security_Server Your_Realm_Name

#

.Your_Secondary_Security_Server Your_Realm_Name

#

*.Your_Domain_Name Your_Realm_Name

#

Given below is an example with a brief explanation of the krb.realms file.

deer.bambi.com BAMBI.COM

# map

host directly

.fox.bambi.com BAMBI.COM

# all

hosts in domain

*.bambi.com BAMBI.COM

# all

the other hosts belonging

 

to

the domain and sub-domains

Line one of the krb.realms file maps the host admin.bambi.com to the BAMBI.COM realm.

Line two of the krb.realms file maps all hosts in the fox.bambi.com domain to the BAMBI.COM realm

The preceding dot in this line identifies the first field as a domain name rather than a hostname.

Typically, this line is not required as the realm name, by default, is the upper-case equivalent of the domain name.

76

Chapter 5

Page 76
Image 76
HP UX Kerberos Data Security Software manual Sample krb.realms