This is an example of a krb5.conf file a client might use with Active Directory as the KDC.
# Please note that customers must alter the
# default_realm, [realms] and [domain_realm]
# information to reflect their Kerberos environment.
# Customers should *not* attempt to use this file as is.
#
[libdefaults]
default_realm = W2K.SYBASE.COM
default_tgs_enctypes = des-cbc-crc
default_tkt_enctypes = des-cbc-crc
kdc_req_checksum_type = 2
ccache_type = 2
[realms]
W2K.SYBASE.COM = {
kdc = 1.2.3.4:88
admin_server = adserver
}
[domain_realm]
.sybase.com = W2K.SYBASE.COM
sybase.com = W2K.SYBASE.COM
[logging]
default = FILE:/var/krb5/kdc.log
kdc = FILE:/var/krb5/kdc.log
kdc_rotate = {
# How often to rotate kdc.log. Logs will get rotated no
# more often than the period, and less often if the KDC
# is not used frequently.
period = 1d
# how many versions of kdc.log to keep around
# (kdc.log.0, kdc.log.1, ...)
versions = 10
}
[appdefaults]
kinit = {
renewable = true
forwardable= true
}
