krb5
[omsmith/bootstrap.git] / templates / krb5.conf
1 [libdefaults]
2         default_realm = CSCLUB.UWATERLOO.CA
3         forwardable = true
4         proxiable = true
5         dns_lookup_kdc = false
6         dns_lookup_realm = false
7
8         # remove this once NFS mounts without it
9         allow_weak_crypto = true
10
11 [realms]
12         CSCLUB.UWATERLOO.CA = {
13                 kdc = kdc1.csclub.uwaterloo.ca
14                 kdc = kdc2.csclub.uwaterloo.ca
15                 admin_server = kadmin.csclub.uwaterloo.ca
16                 database_module = openldap_ldapconf
17         }
18
19         CMCLUB.UWATERLOO.CA = {
20                 kdc = staples.cmclub.uwaterloo.ca
21                 admin_server = staples.cmclub.uwaterloo.ca
22         }
23
24
25         STUDENT.CS.UWATERLOO.CA = {
26                 kdc = eponina.student.cs.uwaterloo.ca:88
27                 kdc = canadenis.student.cs.uwaterloo.ca:88
28                 admin_server = canadenis.student.cs.uwaterloo.ca:464
29         }
30
31         CS.UWATERLOO.CA = {
32                 kdc = intacta.cs.uwaterloo.ca:88
33                 kdc = serverus.cs.uwaterloo.ca:88
34                 admin_server = intacta.cs.uwaterloo.ca:464
35         }
36
37         ADS.UWATERLOO.CA = {
38                 kdc = ads.uwaterloo.ca:88
39                 admin_server = ads.uwaterloo.ca:464
40                 default_domain = ads.uwaterloo.ca
41         }
42
43         NEXUS.UWATERLOO.CA = {
44                 kdc = nexus.uwaterloo.ca:88
45                 kdc = nexus.uwaterloo.ca
46                 admin_server = nexus.uwaterloo.ca:464
47         }
48
49 [domain_realm]
50         .uwaterloo.ca = ADS.UWATERLOO.CA
51         uwaterloo.ca = ADS.UWATERLOO.CA
52         .csclub.uwaterloo.ca = CSCLUB.UWATERLOO.CA
53         csclub.uwaterloo.ca = CSCLUB.UWATERLOO.CA
54         .cmclub.uwaterloo.ca = CSCLUB.UWATERLOO.CA
55         cmclub.uwaterloo.ca = CSCLUB.UWATERLO.CA
56         .nexus.uwaterloo.ca = NEXUS.UWATERLOO.CA
57         nexus.uwaterloo.ca = NEXUS.UWATERLOO.CA
58         .cs.uwaterloo.ca = CS.UWATERLOO.CA
59         cs.uwaterloo.ca = CS.UWATERLOO.CA
60         .student.cs.uwaterloo.ca = STUDENT.CS.UWATERLOO.CA
61         student.cs.uwaterloo.ca = STUDENT.CS.UWATERLOO.CA
62
63 [logging]
64         kdc = FILE:/var/log/krb5kdc.log
65         admin_server = FILE:/var/log/kadmin.log
66         default = FILE:/var/log/krb5.log
67
68
69 #[dbmodules]
70 #       openldap_ldapconf = {
71 #               db_library = kldap
72 #               ldap_kerberos_container_dn = "cn=kerberos,dc=csclub,dc=uwaterloo,dc=ca"
73 #               ldap_kdc_dn = "cn=kerberos-kdc,dc=csclub,dc=uwaterloo,dc=ca"
74 #               ldap_kadmind_dn = "cn=kerberos-admin,dc=csclub,dc=uwaterloo,dc=ca"
75 #               ldap_service_password_file = /etc/krb5kdc/service.keyfile
76 #               ldap_servers = ldapi:///
77 #       }
78 #