internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-06-10 10:45:55 +00:00
Code Issues Projects Releases Wiki Activity
Files
915cc39b31b3dc021836fd93ebcc77458b767eae
ansible-freeipa/roles/ipa-krb5/templates/krb5.conf.j2
Thomas Woerner 1b2f6d7e8b ipaclient: Set default_domain in krb5.conf in the same way as ipa-client-install 
Set default_domain if not ipadiscovery.dnsok or not ipadiscovery.kdc like it
is done in ipa-client-install.
2018-07-19 13:00:39 +02:00

40 lines
1.1 KiB
Django/Jinja
Raw Blame History

includedir {{ krb5_conf_d }}
includedir {{ krb5_include_d }}
[libdefaults]
default_realm = {{ krb5_realm | upper }}
dns_lookup_realm = {{ krb5_dns_lookup_realm }}
dns_lookup_kdc = {{ krb5_dns_lookup_kdc }}
rdns = false
{% if krb5_dns_canonicalize_hostname is defined %}
dns_canonicalize_hostname = {{ krb5_dns_canonicalize_hostname }}
{% endif %}
ticket_lifetime = 24h
forwardable = true
udp_preference_limit = 0
default_ccache_name = {{ krb5_default_ccache_name }}
[realms]
{{ krb5_realm | upper }} = {
{% for server in krb5_servers %}
kdc = {{ server }}:88
master_kdc = {{ server }}:88
admin_server = {{ server }}:749
kpasswd_server = {{ server }}:464
{% endfor %}
{% if krb5_default_domain | bool %}
default_domain = {{ krb5_realm | lower }}
{% endif %}
{% if krb5_pkinit_anchors is defined %}
pkinit_anchors = {{ krb5_pkinit_anchors }}
{% endif %}
{% if krb5_pkinit_pool is defined %}
pkinit_pool = {{ krb5_pkinit_pool }}
{% endif %}
}
[domain_realm]
.{{ krb5_realm | lower }} = {{ krb5_realm | upper }}
{{ krb5_realm | lower }} = {{ krb5_realm | upper }}
{{ ansible_host | lower }} = {{ krb5_realm | upper }}
Reference in New Issue View Git Blame Copy Permalink