Config files on CentOS: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
Line 1: | Line 1: | ||
{{ | {{Deprecated}} | ||
'''/etc/krb5.conf''' | '''/etc/krb5.conf''' |
Latest revision as of 11:45, 27 February 2017
This information is deprecated. It should be considered end of life and should not be used in any production setting
/etc/krb5.conf
[logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log [libdefaults] default_realm = SWEETNAM.EU dns_lookup_realm = true dns_lookup_kdc = true [realms] SWEETNAM.EU = { kdc = 172.20.1.1:88 admin_server = 172.20.1.1:749 default_domain = sweetnam.eu kdc = 172.20.1.1 } [domain_realm] .sweetnam.eu = SWEETNAM.EU sweetnam.eu = SWEETNAM.EU [kdc] profile = /var/kerberos/krb5kdc/kdc.conf [appdefaults] pam = { debug = false ticket_lifetime = 36000 renew_lifetime = 36000 forwardable = true krb4_convert = false }
/etc/samba/smb.conf
[global] idmap gid = 500-10000000 client use spnego = yes domain master = no winbind trusted domains only = yes winbind use default domain = yes realm = SWEETNAM.EU template shell = /bin/bash netbios name = CENTOS password server = 172.20.1.1 winbind enum users = no idmap uid = 500-10000000 template homedir = /home/%D/%U workgroup = SWEETNAM winbind enum groups = no security = ads winbind separator = +
/etc/nsswitch.conf
passwd: compat winbind files shadow: compat winbind files group: compat winbind files hosts: files dns bootparams: nisplus [NOTFOUND=return] files ethers: files netmasks: files networks: files protocols: files winbind rpc: files services: files winbind netgroup: files winbind publickey: nisplus automount: files winbind aliases: files nisplus
/etc/pam.d/system-auth
auth required /lib/security/$ISA/pam_env.so auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok auth sufficient /lib/security/$ISA/pam_krb5.so use_first_pass auth sufficient /lib/security/$ISA/pam_smb_auth.so use_first_pass nolocal auth sufficient /lib/security/$ISA/pam_winbind.so use_first_pass auth required /lib/security/$ISA/pam_deny.so account required /lib/security/$ISA/pam_unix.so broken_shadow account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet account sufficient /lib/security/$ISA/pam_krb5.so account sufficient /lib/security/$ISA/pam_winbind.so account required /lib/security/$ISA/pam_permit.so password requisite /lib/security/$ISA/pam_cracklib.so retry=3 password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow password sufficient /lib/security/$ISA/pam_krb5.so use_authtok password sufficient /lib/security/$ISA/pam_winbind.so use_authtok password required /lib/security/$ISA/pam_deny.so session required /lib/security/$ISA/pam_limits.so session required /lib/security/$ISA/pam_unix.so session optional /lib/security/$ISA/pam_krb5.so