[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = AUTOBKR.COM
dns_lookup_realm = false
dns_lookup_kdc = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
[realms]
AUTOBKR.COM = {
kdc = kvm-guest-04.rhts.eng.bos.redhat.com
admin_server = kvm-guest-04.rhts.eng.bos.redhat.com
}
[domain_realm]
kvm-guest-04.rhts.eng.bos.redhat.com = AUTOBKR.COM
…
service kadmin stop
service krb5kdc stop
echo "Removing old krb files"
rm -fv /etc/krb5.keytab
rm -fv /var/kerberos/krb5kdc/principal
rm -fv /var/kerberos/krb5kdc/principal.kadm5
rm -fv /var/kerberos/krb5kdc/principal.kadm5.lock
rm -fv /var/kerberos/krb5kdc/principal.ok
rm -fv /var/kerberos/krb5kdc/kadm5.acl
rm -fv /tmp/krb5cc_*
rm -fv /var/tmp/krb5kdc_rcache
rm -fv /var/tmp/rc_kadmin_0
kdc_acl_conf="/var/kerberos/krb5kdc/kadm5.acl"
echo "Making $kdc_acl_conf"
echo "*/admin@EXAMPLE.COM *" >> $kdc_acl_conf
kdb5_util create -s -P redhat
kadmin.local -q "addprinc -pw redhat root/admin"
kadmin.local -p root/admin -q "addprinc -randkey nfs/$HOSTNAME"
kadmin.local -p root/admin -q "ktadd -e des-cbc-crc:normal -k /etc/krb5.keytab nfs/$HOSTNAME"
kadmin.local -p root/admin -q "addprinc -randkey host/$HOSTNAME"
kadmin.local -p root/admin -q "ktadd -e des-cbc-crc:normal -k /etc/krb5.keytab host/$HOSTNAME"
kadmin.local -p root/admin -q "listprincs"
klist -e -k -t /etc/krb5.keytab
service krb5kdc start
service kadmin start
setenv KRB5CCNAME /tmp/krb5cc_jdoe_ncsa