More Active Directory and Linux



 # Fragment of a Kerberos client configuration (krb5.conf layout) for joining
 # a Linux host to an Active Directory realm.
 # NOTE(review): the section headers ([logging], [libdefaults], [realms],
 # [kdc], [appdefaults] in a standard krb5.conf) appear to have been lost when
 # this page was extracted; the notes below name the section each group
 # presumably belonged to. Restore the headers before using this file.
 #
 # Presumably [logging]: log destinations for the library, the KDC and kadmind.
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log 

 # Presumably [libdefaults]. A bare number for ticket_lifetime is read as
 # seconds (24000 s is about 6 h 40 min).
 ticket_lifetime = 24000
 default_realm = EXAMPLE.COM
 # DNS discovery is off, so the KDC must be listed explicitly in the realm
 # stanza; this also keeps realm/KDC selection from depending on DNS answers.
 dns_lookup_realm = false
 dns_lookup_kdc = false
 # SECURITY: these two lines restrict the client to single-DES, which is
 # cryptographically broken. DES is disabled by default in Active Directory
 # since Windows 7 / Server 2008 R2 and was removed from MIT krb5 in 1.18.
 # On a current deployment, delete both lines so the library negotiates AES
 # (e.g. aes256-cts-hmac-sha1-96), and make sure the AD account and keytab
 # carry AES keys.
 default_tkt_enctypes = des-cbc-md5 des-cbc-crc
 default_tgs_enctypes = des-cbc-md5 des-cbc-crc 

  # Presumably the body of an "EXAMPLE.COM = { ... }" stanza under [realms].
  # The values (domain controller host names) are blank on this page and must
  # be filled in; with dns_lookup_kdc = false an empty kdc entry leaves the
  # client with no KDC to contact.
  kdc =
  kdc =
  admin_server =
  kpasswd_server =
  kpasswd_protocol = SET_CHANGE
  default_domain =

# NOTE(review): this line is garbled. It was presumably a [domain_realm]
# header followed by DNS-domain-to-realm mappings; as written it is not a
# valid section header or relation.
[domain_realm] = EXAMPLE.COM = EXAMPLE.COM  

 # Presumably [kdc]: location of the KDC's own configuration file.
 profile = /var/kerberos/krb5kdc/kdc.conf

 # Presumably [appdefaults]: defaults read by the PAM Kerberos module.
 # NOTE(review): the closing "}" of this block is missing on the page.
 pam = {
   debug = false
   # Seconds: tickets obtained at login last, and can be renewed for, 10 hours.
   ticket_lifetime = 36000
   renew_lifetime = 36000
   # Forwardable tickets can be passed on to other hosts the user logs in to;
   # leave this enabled only if single sign-on between hosts is needed.
   forwardable = true
   # No Kerberos 4 credentials are derived from the Kerberos 5 ticket.
   krb4_convert = false


# PAM stack in the style of an authconfig-generated system-auth file.
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
#
# NOTE(review): every line below stops at the module directory; the module
# file names appear to have been lost when this page was extracted. PAM cannot
# load a directory, so the listing is not usable until the names are restored
# from the original system.
#
# auth: stack order matters. A "sufficient" module that succeeds ends the
# stack with success; the final "required" line is presumably a deny-all
# fallback - TODO confirm.
auth   required    /lib/security/$ISA/
auth   sufficient  /lib/security/$ISA/
# SECURITY: "nullok" (a pam_unix option, going by the option set) lets an
# account with an empty password field authenticate. Remove it unless
# passwordless local accounts are intended.
auth   sufficient  /lib/security/$ISA/ use_first_pass likeauth nullok
auth   required    /lib/security/$ISA/ 

account   required    /lib/security/$ISA/  

# password: "retry=3 type=" matches the pam_cracklib option set (three
# attempts at choosing an acceptable new password).
password  required    /lib/security/$ISA/ retry=3 type=
# SECURITY: "md5" stores new local password hashes as MD5-crypt, which is weak
# against offline guessing; where the module supports it, use "sha512"
# instead. "nullok" here also permits changing from an empty password.
password  sufficient  /lib/security/$ISA/ nullok use_authtok md5 shadow
password  required    /lib/security/$ISA/

# session: two mandatory modules and one whose failure is ignored (optional).
session   required    /lib/security/$ISA/
session   required    /lib/security/$ISA/
session   optional    /lib/security/$ISA/


# /etc/nsswitch.conf
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
# Legal entries are:
#	nisplus or nis+		Use NIS+ (NIS version 3)
#	nis or yp		Use NIS (NIS version 2), also called YP
#	dns			Use DNS (Domain Name Service)
#	files			Use the local files
#	db			Use the local database (.db) files
#	compat			Use NIS in compat mode
#	hesiod			Use Hesiod for user lookups
#	[NOTFOUND=return]	Stop searching if not found so far

# To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
# Example:
#passwd:    db files nisplus nis
#shadow:    db files nisplus nis
#group:     db files nisplus nis

# Users and groups: local files are consulted first, then LDAP (the directory).
# Because "files" comes first, a local account takes precedence over a
# directory account with the same name - keep that in mind when auditing
# which identity a name resolves to.
# [TRYAGAIN=continue] moves on to the next source when LDAP is temporarily
# unavailable; this spells out what is already the default action.
passwd:     files ldap [TRYAGAIN=continue]
# shadow is local only, so no password hashes are fetched from the directory;
# directory users are presumably authenticated through PAM/Kerberos, given the
# Kerberos configuration earlier on this page.
shadow:     files
group:      files ldap [TRYAGAIN=continue]

hosts:      files dns

# Example - obey only what nisplus tells us...
#services:   nisplus [NOTFOUND=return] files
#networks:   nisplus [NOTFOUND=return] files
#protocols:  nisplus [NOTFOUND=return] files
#rpc:        nisplus [NOTFOUND=return] files
#ethers:     nisplus [NOTFOUND=return] files
#netmasks:   nisplus [NOTFOUND=return] files

# NOTE(review): bootparams, publickey and aliases still name NIS+ as a source.
# These look like stock defaults; if NIS+ is not deployed, point them at
# "files" so lookups do not depend on a service that is not there.
bootparams: nisplus [NOTFOUND=return] files

ethers:     files
netmasks:   files
networks:   files
protocols:  files
rpc:        files
services:   files 

netgroup:   files 

publickey:  nisplus

automount:  files
aliases:    files nisplus