Filter
Top Products
Configuring the Kerberos Server With C-Tree Backend
Configuration Files for the Kerberos Server
Chapter 5 65
The krb.conf File
The krb.conf configuration file contains information about the default
realm of the host, the administration server, and security servers for
known realms. HP recommends that you copy the krb.conf.sample file
from the /opt/krb5/examples directory to the /opt/krb5 directory.
This file must reside in the /opt/krb5 directory and must have the
following permissions:
-rw-r--r-- root 3
The configuration file identifies the servers that support authentication
for the designated realm, and defines the default realm for the host
where the file is stored.
The krb.conf file lists the default realm of the host system. It also maps
known realms to their primary and secondary security servers by host
name, and network location.
Assuming that your network environment performs load-balancing and
redundancy, you must create multiple versions of the krb.conf file. You
must also configure secondary security servers to act as authentication
servers. This allows the primary security server to be available for tasks
other than authentication.
The krb.conf file is used during propagation configuration. The realm
specified in the first line of the configuration file is considered as the
default realm of the server. This has to be the first realm created in the
database containing the K/M principal.
The krb.conf File Format
Use the format shown below to create an entry in the krb.conf file. See
Appendix B, “Sample krb.conf File,” on page 315 to see how a sample
krb.conf file looks.
Your_Realm_Name
Your_Realm_Name Your_Secondary_Server1
Your_Realm_Name Your_Secondary_Server2
Your_Realm_Name your_primary_server admin server
The first line of the krb.conf file identifies the host system’s default
realm. By convention, realm names are in uppercase letters to visually
distinguish them from domain names.