kerberos
Chris Robinson
business at krc.org.uk
Wed Nov 10 12:19:29 UTC 2010
Hi
i am trying to get active directory working.
root at bfs08:/etc/krb5kdc# krb5_newrealm
This script should be run on the master KDC/admin server to initialize a
Kerberos realm. It will ask you to type in a master key
password. This password will be used to generate a key that
is stored in /etc/krb5kdc/stash. You should try to remember this
password, but it is much more important that it be a strong
password than that it be remembered. However, if you lose the password
and /etc/krb5kdc/stash, you cannot decrypt your Kerberos
database. kdb5_util: Improper format of Kerberos configuration file
while initializing Kee
root at bfs08:/etc/krb5kdc#
root at bfs08:/etc/krb5kdc# more
kdc.conf
[kdcdefaults]
kdc_ports =
750,88
default_realm =
local.bfs.uk.com
[realms]
local.bfs.uk.com =
{
database_name =
/var/lib/krb5kdc/principal
admin_keytab =
FILE:/etc/krb5kdc/kadm5.keytab
acl_file =
/etc/krb5kdc/kadm5.acl
key_stash_file =
/etc/krb5kdc/stash kdc_ports
= 750,88
max_life = 10h 0m
0s
max_renewable_life = 7d 0h 0m
0s master_key_type =
des3-hmac-sha1
supported_enctypes = aes256-cts:normal arcfour-hmac:normal
des3-hmac-sha1:normal des-cbc-crc:normal des:normal des:v4 des:norealm
des:onlyrealm des:afs3 default_principal_flags =
+preauth
}
root at bfs08:/etc/krb5kdc#
--
Regards
Chris Robinson
W: http://business.krc.org.uk
E: business at krc.org.uk
T: 01708 701767
F: 020 7099 6814
M: 07887 98 33 55
More information about the ubuntu-users
mailing list