summaryrefslogtreecommitdiff
path: root/configs
diff options
context:
space:
mode:
Diffstat (limited to 'configs')
-rw-r--r--configs/kerberos/kadm5.acl6
-rw-r--r--configs/kerberos/krb5.conf10
2 files changed, 7 insertions, 9 deletions
diff --git a/configs/kerberos/kadm5.acl b/configs/kerberos/kadm5.acl
new file mode 100644
index 0000000..76df603
--- /dev/null
+++ b/configs/kerberos/kadm5.acl
@@ -0,0 +1,6 @@
+# This file Is the access control list for krb5 administration.
+# When this file is edited run service krb5-admin-server restart to activate
+# One common way to set up Kerberos administration is to allow any principal
+# ending in /admin is given full administrative rights.
+# To enable this, uncomment the following line:
+*/admin *
diff --git a/configs/kerberos/krb5.conf b/configs/kerberos/krb5.conf
index 61f51c1..c78717b 100644
--- a/configs/kerberos/krb5.conf
+++ b/configs/kerberos/krb5.conf
@@ -1,19 +1,11 @@
[libdefaults]
default_realm = HADES.HR
- # The following krb5.conf variables are only for MIT Kerberos.
- kdc_timesync = 1
- ccache_type = 4
- forwardable = true
- proxiable = true
-
- # The following libdefaults parameters are only for Heimdal Kerberos.
- fcc-mit-ticketflags = true
-
[realms]
HADES.HR = {
kdc = krb.hades.hr
admin_server = krb.hades.hr
+ default_domain = hades.hr
}
[domain_realm]
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-22 10:28:34 +0000