[26698] in CVS-changelog-for-Kerberos-V5


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

krb5 commit: Updated Example section in kdc.conf

daemon@ATHENA.MIT.EDU (Zhanna A Tsitkova)
Wed Jul 11 10:28:48 2012

Date: Wed, 11 Jul 2012 10:28:04 -0400
From: Zhanna A Tsitkova <tsitkova@mit.edu>
Message-Id: <201207111428.q6BES4xG018233@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu

https://github.com/krb5/krb5/commit/6281a5c4eff576d64a0af30d09823370105734ca
commit 6281a5c4eff576d64a0af30d09823370105734ca
Author: Zhanna Tsitkov <tsitkova@mit.edu>
Date:   Wed Jul 11 10:35:20 2012 -0400

    Updated Example section in kdc.conf

 doc/rst_source/krb_admins/conf_files/kdc_conf.rst  |   19 +++++++++++++++++++
 doc/rst_source/krb_admins/conf_files/krb5_conf.rst |    5 -----
 2 files changed, 19 insertions(+), 5 deletions(-)

diff --git a/doc/rst_source/krb_admins/conf_files/kdc_conf.rst b/doc/rst_source/krb_admins/conf_files/kdc_conf.rst
index 06d9213..bcb5e7c 100644
--- a/doc/rst_source/krb_admins/conf_files/kdc_conf.rst
+++ b/doc/rst_source/krb_admins/conf_files/kdc_conf.rst
@@ -662,12 +662,31 @@ Here's an example of a kdc.conf file:
             max_renewable_life = 7d 0h 0m 0s
             master_key_type = des3-hmac-sha1
             supported_enctypes = des3-hmac-sha1:normal des-cbc-crc:normal des-cbc-crc:v4
+            database_module = openldap_ldapconf
         }
 
     [logging]
         kdc = FILE:/usr/local/var/krb5kdc/kdc.log
         admin_server = FILE:/usr/local/var/krb5kdc/kadmin.log
 
+    [dbdefaults]
+        ldap_kerberos_container_dn = cn=krbcontainer,dc=mit,dc=edu
+
+    [dbmodules]
+        openldap_ldapconf = {
+            db_library = kldap
+            disable_last_success = true
+            ldap_kdc_dn = "cn=krbadmin,dc=mit,dc=edu"
+                # this object needs to have read rights on
+                # the realm container and principal subtrees
+            ldap_kadmind_dn = "cn=krbadmin,dc=mit,dc=edu"
+                # this object needs to have read and write rights on
+                # the realm container and principal subtrees
+            ldap_service_password_file = /etc/kerberos/service.keyfile
+            ldap_servers = ldaps://kerberos.mit.edu
+            ldap_conns_per_server = 5
+        }
+
 
 FILES
 ------
diff --git a/doc/rst_source/krb_admins/conf_files/krb5_conf.rst b/doc/rst_source/krb_admins/conf_files/krb5_conf.rst
index 6f9a282..7c52244 100644
--- a/doc/rst_source/krb_admins/conf_files/krb5_conf.rst
+++ b/doc/rst_source/krb_admins/conf_files/krb5_conf.rst
@@ -996,11 +996,6 @@ Here is an example of a generic krb5.conf file:
             kdc = kerberos-1.example.com
             admin_server = kerberos.example.com
         }
-        OPENLDAP.MIT.EDU = {
-            kdc = kerberos.mit.edu
-            admin_server = kerberos.mit.edu
-            database_module = openldap_ldapconf
-        }
 
     [domain_realm]
         .mit.edu = ATHENA.MIT.EDU
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[26698] in CVS-changelog-for-Kerberos-V5

krb5 commit: Updated Example section in kdc.conf

daemon@ATHENA.MIT.EDU (Zhanna A Tsitkova)Wed Jul 11 10:28:48 2012

daemon@ATHENA.MIT.EDU (Zhanna A Tsitkova)
Wed Jul 11 10:28:48 2012