From: Zhanna Tsitkov Date: Thu, 5 Jul 2012 15:29:16 +0000 (-0400) Subject: Clarify diff between krb5.conf and kdc.conf files X-Git-Tag: krb5-1.11-alpha1~448 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4d817ef1bdf1036c97013d541f30c8d5afb42de2;p=thirdparty%2Fkrb5.git Clarify diff between krb5.conf and kdc.conf files --- diff --git a/doc/rst_source/krb_admins/conf_files/krb5_conf.rst b/doc/rst_source/krb_admins/conf_files/krb5_conf.rst index e392c863f8..6f9a282eb6 100644 --- a/doc/rst_source/krb_admins/conf_files/krb5_conf.rst +++ b/doc/rst_source/krb_admins/conf_files/krb5_conf.rst @@ -88,6 +88,8 @@ The krb5.conf file may contain the following sections: :ref:`plugins` Controls plugin module registration =================== ======================================================= +Additionally, krb5.conf may include any of the relations described in +:ref:`kdc.conf(5)`, but it is not a recommended practice. .. _libdefaults: @@ -1012,28 +1014,6 @@ Here is an example of a generic krb5.conf file: ATHENA.MIT.EDU = . } - [logging] - kdc = SYSLOG:INFO - admin_server = FILE=/var/kadm5.log - [dbdefaults] - ldap_kerberos_container_dn = cn=krbcontainer,dc=example,dc=com - [dbmodules] - openldap_ldapconf = { - db_library = kldap - disable_last_success = true - ldap_kerberos_container_dn = cn=krbcontainer,dc=example,dc=com - ldap_kdc_dn = "cn=krbadmin,dc=example,dc=com" - # this object needs to have read rights on - # the realm container and principal subtrees - ldap_kadmind_dn = "cn=krbadmin,dc=example,dc=com" - # this object needs to have read and write rights on - # the realm container and principal subtrees - ldap_service_password_file = /etc/kerberos/service.keyfile - ldap_servers = ldaps://kerberos.mit.edu - ldap_conns_per_server = 5 - } - - FILES -----