[libdefaults]
  default_realm = CSCLUB.UWATERLOO.CA
  forwardable = true
  proxiable = true
  dns_lookup_kdc = false
  dns_lookup_realm = false
  allow_weak_crypto = true

[realms]
  CSCLUB.UWATERLOO.CA = {
    kdc = kdc1.csclub.uwaterloo.ca
    kdc = kdc2.csclub.uwaterloo.ca
    admin_server = kadmin.csclub.uwaterloo.ca
  }

  STUDENT.CS.UWATERLOO.CA = {
    kdc = eponina.student.cs.uwaterloo.ca:88
    kdc = canadenis.student.cs.uwaterloo.ca:88
    admin_server = canadenis.student.cs.uwaterloo.ca:464
  }

  CS.UWATERLOO.CA = {
    kdc = intacta.cs.uwaterloo.ca:88
    kdc = serverus.cs.uwaterloo.ca:88
    admin_server = intacta.cs.uwaterloo.ca:464
  }

  ADS.UWATERLOO.CA = {
    kdc = ads.uwaterloo.ca:88
    admin_server = ads.uwaterloo.ca:464
    default_domain = ads.uwaterloo.ca
  }

  NEXUS.UWATERLOO.CA = {
    kdc = nexus.uwaterloo.ca:88
    kdc = nexus.uwaterloo.ca
    admin_server = nexus.uwaterloo.ca:464
  }

[domain_realm]
  .uwaterloo.ca = ADS.UWATERLOO.CA
  uwaterloo.ca = ADS.UWATERLOO.CA
  .csclub.uwaterloo.ca = CSCLUB.UWATERLOO.CA
  csclub.uwaterloo.ca = CSCLUB.UWATERLOO.CA
  .nexus.uwaterloo.ca = NEXUS.UWATERLOO.CA
  nexus.uwaterloo.ca = NEXUS.UWATERLOO.CA
  .cs.uwaterloo.ca = CS.UWATERLOO.CA
  cs.uwaterloo.ca = CS.UWATERLOO.CA
  .student.cs.uwaterloo.ca = STUDENT.CS.UWATERLOO.CA
  student.cs.uwaterloo.ca = STUDENT.CS.UWATERLOO.CA

[logging]
  kdc = FILE:/var/log/krb5kdc.log
  admin_server = FILE:/var/log/kadmin.log
  default = FILE:/var/log/krb5.log


#[dbmodules]
# openldap_ldapconf = {
#   db_library = kldap
#   ldap_kerberos_container_dn = "cn=kerberos,dc=csclub,dc=uwaterloo,dc=ca"
#   ldap_kdc_dn = "cn=kerberos-kdc,dc=csclub,dc=uwaterloo,dc=ca"
#   ldap_kadmind_dn = "cn=kerberos-admin,dc=csclub,dc=uwaterloo,dc=ca"
#   ldap_service_password_file = /etc/krb5kdc/service.keyfile
#   ldap_servers = ldapi:///
# }