f.write("\tkdc_ports = 88\n")
f.write("\tkdc_tcp_ports = 88\n")
f.write("\tkadmind_port = 464\n")
+ f.write("\trestrict_anonymous_to_tgt = true\n")
f.write("\n")
f.write("[realms]\n")
f.write("\t%s = {\n" % realm)
+ f.write("\t\tmaster_key_type = aes256-cts\n")
+ f.write("\t\tdefault_principal_flags = +preauth\n")
f.write("\t}\n")
f.write("\n")
f.write("\t%s = {\n" % realm.lower())
+ f.write("\t\tmaster_key_type = aes256-cts\n")
+ f.write("\t\tdefault_principal_flags = +preauth\n")
f.write("\t}\n")
f.write("\n")
f.write("\t%s = {\n" % domain)
+ f.write("\t\tmaster_key_type = aes256-cts\n")
+ f.write("\t\tdefault_principal_flags = +preauth\n")
f.write("\t}\n")
f.write("\n")
[kdcdefaults]
kdc_ports = 88
kdc_tcp_ports = 88
+ restrict_anonymous_to_tgt = true
[realms]
$ctx->{realm} = {
+ master_key_type = aes256-cts
+ default_principal_flags = +preauth
}
$ctx->{dnsname} = {
+ master_key_type = aes256-cts
+ default_principal_flags = +preauth
}
$ctx->{domain} = {
+ master_key_type = aes256-cts
+ default_principal_flags = +preauth
}
[dbmodules]