mirror of
https://github.com/freeipa/ansible-freeipa.git
synced 2026-06-10 18:55:53 +00:00
0b4aec7b6a
New variables have been added (undefined by default): krb5_dns_canonicalize_hostname krb5_pkinit_anchors krb5_pkinit_pool These are set according to the ipa version requirements. See roles/ipaclient/tasks/install.yml
40 lines
1.1 KiB
Django/Jinja
40 lines
1.1 KiB
Django/Jinja
includedir {{ krb5_conf_d }}
|
|
includedir {{ krb5_include_d }}
|
|
|
|
[libdefaults]
|
|
default_realm = {{ krb5_realm | upper }}
|
|
dns_lookup_realm = {{ krb5_dns_lookup_realm }}
|
|
dns_lookup_kdc = {{ krb5_dns_lookup_kdc }}
|
|
rdns = false
|
|
{% if krb5_dns_canonicalize_hostname is defined %}
|
|
dns_canonicalize_hostname = {{ krb5_dns_canonicalize_hostname }}
|
|
{% endif %}
|
|
ticket_lifetime = 24h
|
|
forwardable = true
|
|
udp_preference_limit = 0
|
|
default_ccache_name = {{ krb5_default_ccache_name }}
|
|
|
|
[realms]
|
|
{{ krb5_realm | upper }} = {
|
|
{% for server in krb5_servers %}
|
|
kdc = {{ server }}:88
|
|
master_kdc = {{ server }}:88
|
|
admin_server = {{ server }}:749
|
|
kpasswd_server = {{ server }}:464
|
|
{% endfor %}
|
|
{% if krb5_no_default_domain | bool %}
|
|
default_domain = {{ krb5_realm | lower }}
|
|
{% endif %}
|
|
{% if krb5_pkinit_anchors is defined %}
|
|
pkinit_anchors = {{ krb5_pkinit_anchors }}
|
|
{% endif %}
|
|
{% if krb5_pkinit_pool is defined %}
|
|
pkinit_pool = {{ krb5_pkinit_pool }}
|
|
{% endif %}
|
|
}
|
|
|
|
[domain_realm]
|
|
.{{ krb5_realm | lower }} = {{ krb5_realm | upper }}
|
|
{{ krb5_realm | lower }} = {{ krb5_realm | upper }}
|
|
{{ ansible_host | lower }} = {{ krb5_realm | upper }}
|