HI If i check IPA client machine enrolled with ipa-client, the krb5.conf file looks like below:
[root@kwttestmrbs001 krb5.include.d]# more /etc/krb5.conf #File modified by ipa-client-install includedir /var/lib/sss/pubconf/krb5.include.d/ [libdefaults] default_realm = SOLIPA.LOCAL dns_lookup_realm = true dns_lookup_kdc = true rdns = false ticket_lifetime = 24h forwardable = yes [realms] SOLIPA.LOCAL = { pkinit_anchors = FILE:/etc/ipa/ca.crt } [domain_realm] .solipa.local = SOLIPA.LOCAL solipa.local = SOLIPA.LOCAL and the includedir /var/lib/sss/pubconf/krb5.include.d/ is including : [root@kwttestmrbs001 krb5.include.d]# more domain_realm_solipa_local [domain_realm] .kwttestdc.com = KWTTESTDC.COM kwttestdc.com = KWTTESTDC.COM anyone please help me to prepare proper krb5.conf file for solaris box IPA Server is : kwtpocpbis01.solipa.local Solaris (client) : kwttestsolaris10.solipa.local Active Directory: kwttestdc001.kwttestdc.com Regards, Ben On Wed, Jan 7, 2015 at 2:11 PM, Ben .T.George <bentech4...@gmail.com> wrote: > Hi List > > correct me if i am wrong. > > currently my client krb5.conf holding AD details. and my client is Solaris > > here is my file. > > bash-3.2# more /etc/krb5/krb5.conf > [libdefaults] > default_realm = KWTTESTDC.COM > > [realms] > KWTTESTDC.COM = { > kdc = kwttestdc001.kwttestdc.com:88 > admin_server = kwttestdc001.kwttestdc.com:749 > } > > [domain_realm] > .kwttestdc.com = KWTTESTDC.COM > kwttestdc.com = KWTTESTDC.COM > > [logging] > default = FILE:/var/krb5/kdc.log > kdc = FILE:/var/krb5/kdc.log > kdc_rotate = { > period = 1d > versions = 10 > } > > [appdefaults] > kinit = { > renewable = true > forwardable= true > } > > > please anyone varify this is right or wrong > > Regards, > Ben > > >
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project