
Configuring the Kerberos Server With C-Tree Backend
Configuration Files for the Kerberos Server
Chapter 566
NOTE Realm names are case sensitive; you must type the realm name correctly
if your site does not follow the uppercase convention.
The subsequent lines require fields that identify the security server host
names. Each field in the line must be separated by a space or a tab. The
second field indicates the Fully Qualified Domain Name (FQDN) of the
host security server for that realm.
The order of entries in the krb.conf file is important on the client
system, because it is used to identify the intended order of redundant
security servers. Applications attempting to connect to the security
server use this file to read the entries in the listed order. Redundant
security servers are used when higher priority security servers are
unavailable or when a network timeout has occurred.
To create comments, use the hash sign (#). Blank lines, leading or
trailing white space in a line, and characters after a hash (#) symbol
are ignored.
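The parsing and ordering rules above, as an added example (not code from this guide or from the Kerberos Server product): a Python parser that reads krb.conf entries in file order and picks the first reachable security server. It assumes the first non-comment line holds the default realm and that the first field of each later line is the realm name; parse_krb_conf, pick_server and the sample hosts are hypothetical names.

```python
# Added example: parser for the krb.conf layout described above.
# Assumptions (not stated on this page): the first non-comment line holds the
# default realm, and the first field of each later line is the realm name.

SAMPLE_KRB_CONF = """\
# constructed sample, not from a real site
EXAMPLE.COM

EXAMPLE.COM\tkdc1.example.com   # primary
  EXAMPLE.COM kdc2.example.com
lab.example.com kdc.lab.example.com
"""


def parse_krb_conf(text):
    """Return (default_realm, {realm: [server FQDNs in file order]})."""
    default_realm = None
    servers = {}
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()   # drop comment, outer whitespace
        if not line:
            continue                          # blank or comment-only line
        fields = line.split()                 # splits on spaces and tabs
        if default_realm is None:
            default_realm = fields[0]
            continue
        if len(fields) < 2:
            raise ValueError(f"line {lineno}: expected realm and server FQDN")
        realm, fqdn = fields[0], fields[1]
        # Realm names are case sensitive: no case folding on the key.
        servers.setdefault(realm, []).append(fqdn)
    if default_realm is None:
        raise ValueError("no default realm line found")
    return default_realm, servers


def pick_server(servers, realm, is_reachable):
    """First listed server for realm that is_reachable() accepts, else None."""
    for fqdn in servers.get(realm, []):
        if is_reachable(fqdn):
            return fqdn
    return None


if __name__ == "__main__":
    realm, table = parse_krb_conf(SAMPLE_KRB_CONF)
    print(realm, table)
    print(pick_server(table, realm, lambda h: h != "kdc1.example.com"))
```

Because the realm key is never case-folded, a lookup for "example.com" finds no servers even though "EXAMPLE.COM" has two, which is the failure the NOTE on realm-name case warns about.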
The krb.realms File
The krb.realms file defines host-to-realm or domain-to-realm name
mapping data. The krb.realms file is located only on Kerberos server
systems in the /opt/krb5 directory.
The krb.realms file ensures that all systems on the network can identify
the other systems that reside in each realm.
Because the realm name is case sensitive, the Kerberos Server looks for
a domain name that is in uppercase characters. If you decide to follow
the default realm naming convention, the realm names are already in
uppercase characters, and you need not configure and maintain the
krb.realms file on your client system.
Secure applications initially search for a matching host name and then a
matching domain name in the krb.realms file. If a match is not found,
the application initiates a wildcard match.
If no translation entry applies or the file does not exist, the realm name
of the host is taken to be the domain name of the host’s domain,
converted to its uppercase equivalent.